> Rather than a "problem" with ipfw however, I think I've got a
> fundamental problem with how to do this. If I understand correctly, in
> order for natd to "reverse" a divert rule (translate the destination
> IP back to the original IP on return traffic) the packet has to come
> through the same interface it was originally seen by natd on - is this
> correct?
>
> For whatever reason I still seem to be unable to use gif0 for this
> purpose, which seems to be the closest thing to an "ipsec interface"
> available (I'm beginning to think it's nowhere near as useful as enc0
> on OpenBSD). Thus, I'm stuck translating packets when they either
> enter the LAN interface or leave the WAN, the former seems the best
> option.

IIRC, I read somewhere this is precisely the reason why enc(4) was written.

--
Jeremie Le Hen
[EMAIL PROTECTED]
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"