Hi, On Thu, Oct 2, 2008 at 6:09 AM, fire jotawski <[EMAIL PROTECTED]> wrote: > On Thu, Sep 25, 2008 at 12:10 AM, Kevin Kinsey <[EMAIL PROTECTED]> wrote: > >> FBSD1 wrote: >> >>> >>> natd_enable="YES" This statement in rc.conf enables ipfw nated function. >>> firewall_nat_enable="YES" This is an invalid statement. No such thing as >>> you have here. >>> >> >> This is no longer true; he did indeed find "firewall_nat_enable" >> in /etc/defaults/rc.conf. The knob seems to have first appeared >> in February in HEAD and I'm guessing it cues the system to use a >> new kernel-based nat rather than natd(8), but I've not read anything >> further about this, as my system isn't as up to date as the OP's. >> I don't know when this change was MFC'ed, but apparently fairly >> recently? >> >> I suppose we need someone a tad more "in the know" to straighten >> that out for us. >> > > up to this moment, i do not know if natd and firewall_nat function in the > same or different. > and is there firewall_nat_flags thing too ?
I'll try to explain, natd_* knobs are for natd(8), a daemon firewall_nat_* knobs are for ipfw(8), NAT is processed by the kernel firewall_nat_* was added in the begenning of year in RELENG_7 http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.firewall?r1=126.96.36.199#rev188.8.131.52 The NAT configuration is done by /etc/rc.firewall, you can read this file to know how the configuration is done. This is two different ways to do NAT. I can't speak about performance, kernel vs daemon. Hope this helps. > thanks in advanced for any helps and hints. > regards, > psr > > >> >> Kevin Kinsey >> -- >> A wise man can see more from a mountain top >> than a fool can from the bottom of a well. >> > _______________________________________________ > email@example.com mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > Regards. -- There's this old saying: "Give a man a fish, feed him for a day. Teach a man to fish, feed him for life." _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"