> your best solution is to add a skipto before the divert rule.

Thank you, Barry, but is not that what I'm doing in the sample?

> You can therefore skip any traffic from a private address to another
> private address. Anything not matched by the skipto rule gets fed to
> the divert socket.

The trick was to figure out, what could be skipped, and what could not. I'm wondering, if I got that right -- it seems to work fine, but does it leave something open? Before I can recommend it to others, I'd like to be more sure :-)

-mi

> ----- Original Message -----
> From: "Mikhail Teterin" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, February 04, 2003 7:27 AM
> Subject: Does natd(8) really need to see _all_ packets?
>
>
> > Hi!
> >
> > This question bothered me for a while -- most of the traffic on my
> > LAN is just that -- local. Yet my gw/firewall machine only has one
> > interface -- with two IP addresses -- private and public on it.
> >
> > The DSL modem is plugged into the switch just like everything else.
> >
> > I doubt this is a unique setup.
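
The skipto-before-divert ordering discussed in this thread can be checked offline with a small first-match model. This is an added example, not part of the thread and not the poster's sample; the rule numbers, the LAN prefix 192.168.1.0/24, the documentation-range public addresses and natd port 8668 are all assumptions.

```python
import ipaddress

# Constructed ruleset modelled on ipfw(8) first-match evaluation.
# Rule numbers, LAN prefix and divert port are assumptions for this sketch.
LAN = "192.168.1.0/24"
ANY = "0.0.0.0/0"
RULES = [
    # (number, action, argument, source, destination)
    (400, "skipto", 600, LAN, LAN),   # local-to-local traffic bypasses natd
    (500, "divert", 8668, ANY, ANY),  # everything else is fed to natd
    (600, "allow", None, ANY, ANY),   # stand-in for the filtering rules
]

def matches(addr, net):
    """True if the address falls inside the rule's network."""
    return ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def trace(src, dst, rules=RULES):
    """Return the (rule number, action) pairs a packet hits, in order."""
    ordered = sorted(rules, key=lambda r: r[0])
    hits = []
    i = 0
    while i < len(ordered):
        num, action, arg, rsrc, rdst = ordered[i]
        i += 1
        if not (matches(src, rsrc) and matches(dst, rdst)):
            continue
        hits.append((num, action))
        if action == "skipto":
            # Resume at the first rule numbered >= the skipto target.
            while i < len(ordered) and ordered[i][0] < arg:
                i += 1
        elif action == "allow":
            break
        # "divert": natd reinjects the packet and evaluation resumes
        # at the next rule, so the loop simply continues.
    return hits

def seen_by_natd(src, dst, rules=RULES):
    """True if the packet passes through a divert rule."""
    return any(action == "divert" for _, action in trace(src, dst, rules))

if __name__ == "__main__":
    for src, dst in [("192.168.1.10", "192.168.1.20"),   # LAN to LAN
                     ("192.168.1.10", "198.51.100.7"),   # LAN to Internet
                     ("198.51.100.7", "203.0.113.10")]:  # reply to public IP
        print(src, "->", dst, trace(src, dst), seen_by_natd(src, dst))
```

The skipto only changes where evaluation resumes: a packet that bypasses natd is still subject to rule 600 and anything after it, so filtering has to live there.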