by default the flow is:
wire -> ipnat -> ipfilter -> ipfw -> kernel -> ipfilter -> ipnat ->ipfw
the patch in the above PR changes it to:
wire -> ipnat -> ipfilter -> ipfw -> kernel -> ipfw -> ipfilter -> ipnat
Interesting! Thanks for all the great info guys.
I don't really need to use the patch, since I simply want to limit my outbound bandwidth usage.
The problem with my rules before was a result of not understanding that nat translation had already taken place (I think). I'll test this weekend.
Thanks; -Charlie _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
