> > http://www.google.com/search?q=ipfilter+ipfw+together
> > --> http://false.net/ipfilter/2000_02/0407.html
>
> This is what we settled with eventually, but the processing order for
> packets when you're using both IPF and IPFW plus ipnat is seriously
> f*rked.
not to stray too far, but if IPFW is set to allow all incoming packets and is
only used for shaping, and you have ipfilter handling nat, then it seems it
would just be:
network card --> IPFW (traffic shape) --> IPF (filter+nat) --> userland
i guess an internally NAT address would go back out as:
IPF --> IPFW --> network card
doesn't seem that bad...
-randall
--
:// randall s. ehren :// voice 805.893.5632
:// systems administrator :// isber|survey|avss.ucsb.edu
:// institute for social, behavioral, and economic research
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
