On 10.07.2012 03:18, Rolf Grossmann wrote:
Hi,
I've started switching my machines to in-kernel nat and I've run into a
case where I need to tell the nat instance which packets to treat as
incoming and which as outgoing. With natd I've been able to use divert
with different ports and in_port and out_port options. The in-kernel nat
however doesn't seem to have a method of specifying nat direction and
instead always uses the information from the interface.
Not exactly.
If we're talking about ipfw nat, situation is the following:
ipfw nat module determines direction the following way:
if outgoing interface exists (e.g. ipfw is called after routing decision
is done, "out" case) then inside->outside translation is called (
LibAliasOut founction) otherwise outside->inside is called (
LibAliasIn). This behavior can be reverted by specifying 'reverse'
keyword in nat configuration.
Alternatively, you can specify in/out explicitly by using ng_nat with
ng_ipfw.
My question is, am I missing something? Is there a patch I could try?
Has the issue even come up before?
Thanks, Rolf.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[email protected]"
--
WBR, Alexander
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[email protected]"
