Re: Kernel Config for NAT

Robert Huff Thu, 08 Apr 2010 09:35:47 -0700

        I am planning to a) update a -CURRENT system to recent code,
and b) install ipfw+NAT.
        The documentation in the Handbook is confusing and/or
incomplete.  So far I have:


1) in /boot/loader.conf:

ipfw_load="YES"
ipdivert_load="YES"

2) in the kernel config:

#options  IPFIREWALL              #firewall
#options  IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
#options  IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
#options  IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by default
#options  IPDIVERT
#options  IPFIREWALL_NAT          #ipfw kernel nat support
options  LIBALIAS                               # required for NAT

3) in /etc/sysctl.conf:

net.inet.ip.fw.default_to_accept="1"
net.inet.ip.fw.verbose="1"
net.inet.ip.fw.verbose_limit="100

        Is there anything else I need?  (Assume I have a working set of
firewall rules.)
        Is there anything I need to take out?

        Respectfully,


                                Robert Huff

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[email protected]"

Re: Kernel Config for NAT

Reply via email to