/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */ >In our extensive testing, the addition of this patch does _NOT_ affect the >operation of the kernel or the masquerading code in any other way. The new >code is not invoked unless a forwarding module that uses it is invoked. > >There is no portbfw (like mbfw) because we consider portfw to be obsolete, >and it does not support port ranges like mfw (through ipchains marking), >so it is more difficult to set up in such situations than mfw. Hello Rolf: I am the IPMASQ HOWTO maintainer and work along most of the IP MASQ code maintainers. Curious, why do you feel that the PORTFW is obsolete? I only see THREE issues with PORTFW (be it "ipportfw" or "ipmasqadm portfw"): 1. It doesn't forward INTERNAL traffic to the portfw'ed host. This is unfortunate but redir will do that for you if required. 2. It doesn't forward FTP traffic into internal sites very well. 3. It doesn't eaily allow for RANGES of ports to be forwarded. Beyond that, what does MBFW give us? A few more Qs: 1. What does MBFW stand for? 2. Can MBFW and PORTFW co-exist on the same machine? --David .----------------------------------------------------------------------------. | David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] | !---- ----! `----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----' _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
