IPFW2 ve -stable a aktualizace source upgrade

Roman Neuhauser neuhauser at bellavista.cz
Thu Jul 25 10:31:26 CEST 2002

Previous message: IPFW2 ve -stable a aktualizace source upgrade
Next message: IPFW2 ve -stable a aktualizace source upgrade
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> From: Ales Kotmel <kotmel at annexnet.cz>
> To: <users-l at freebsd.cz>
> Subject: RE: IPFW2 ve -stable a aktualizace source upgrade
> Date: Thu, 25 Jul 2002 08:20:58 +0200
> 
> Od 07/01/2002 je na uvedene adrese novy postup jak zprovoznit stateful
> pravidla a tam ten samy autor uvadi
> funkcni priklady konfiguraci s cable pripojenim (pres Ethernet) nebo s
> vytacenym pripojenim. Takze si myslim,
> ze to fungovat bude.
> 
> 
>     http://www.freebsd-howto.com/HOWTO/Ipfw-Advanced-Supplement-HOWTO:
 
    mohl byste naucit outlook, aby zretelne odlisoval, kdo co napsal?

    jedine, co jsem tam nasel, je:

    After many days of trial and error testing I finally found an rules
    coding logic which functioned correctly using exclusively advanced
    check-state/keep-state stateful rules and the divert natd rule
    statement. (...) Technically this means each packet will have 2 sets
    of dynamic table rules, one set for the private Nic interface and
    one for the public Nic interface. This is an resource waste,
    decreases performance, and not necessary if the nat function is done
    outside of ipfw.
 
    z toho mi porad vyplyva, ze bude lepsi na filtrovani a nat pouzit
    ipfilter, a ipfw si nechat na dummy net.

-- 
Roman
Sel pantata / na prasata / boubelata / RATATATA!

Previous message: IPFW2 ve -stable a aktualizace source upgrade
Next message: IPFW2 ve -stable a aktualizace source upgrade
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list