Matt Dillon wrote:
>
> :Hi!
> :
> :I'm configuring a server able to do NAT and IP FILTERING (IPF).
> :
> :What are the required options that I should set to the kernel?
> :
> :I have this:
> :...
> :Jes�s Arn�iz
>
> I think all you need is:
>
> options IPFIREWALL
> options IPDIVERT
Those are for ipfw/natd. For ipfilter, you need:
> I usually also have (because it is useful):
>
> options IPFILTER
If you want to use ipmon to log ipf actions, you'll need:
options IPFILTER_LOG
The default state in ipf is open, you can change it to block with:
options IPFILTER_DEFAULT_BLOCK
That's it. ipnat uses ipfilter in the kernel and requires only the
IPFILTER option.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
[EMAIL PROTECTED] http://softweyr.com/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
