>To which I can only say that in IPv4 world and VPN, NAT is almost
>mandatory. For me, using NAT allows me to set up VPN specific
>routing for my special project within a corporate network without
>bothering the network administrator with using FreeBSD instead of
>their Cisco stuff for routing. FreeBSD/KAME needs NAT for allowing
>it to being used in production environments today. NAT comes with
>IPFW, which is where the circle closes.
as mentioned before, there was an discussion about one of the freebsd
mailing lists. there was a proposed patch just like below
(the following patch works only for the latest KAME tree, not for
FreeBSD tree).
http://www.kame.net/dev/cvsweb.cgi/kame/freebsd4/sys/netinet/ip_input.c.diff?r1=1.16&r2=1.17
the patch tries to do the following, i have no environment to test.
http://www.netbsd.org/Documentation/network/ipsec/#ipf-interaction
itojun
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
