Hello,
For many years I would build FreeBSD firewalls and they would be very,
very simple - I just set gateway_enable="yes" in rc.conf and everything
just worked.
However, these firewalls *always* had real, routable IPs no both sides.
Both interfaces had real, routable IPs.
Now I have a firewall that has two non-routable IPs for its interfaces,
and is connected to a internet router with the real IP. When I try to
builda very simple firewall it does not work, and I am forced to use
ipdivert and natd.
If I use ipdivert and natd, it works just fine.
So, am I correct that I can create a simple gateway without natd/divert as
long as both interfaces are real IPs, but if both interfaces are
non-routable IPs, I am forced to use divert/natd ?
Is that correct ?
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
