Am 27.01.2002 um 00:41:23 schrieb Rogier R. Mulhuijzen:
Hi Roger,
> What sort of changes are you talking about here? Maybe there's a different
> way of going about it.
I want to move an existing network from 91.0.0.0/8 to 172.16.0.0/16.
Furthermore name resolution changes from wins to dns and
Am 27.01.2002 um 02:11:30 schrieb Matthew Emmerton:
Hi Matt,
> Here's the patch that I wrote some time ago.
thanks a lot!
Did you send-pr the patch? It seems quite necessary to be added.
greetz
/ch
--
"Contrary to popular belief, Unix is user friendly.
It just happens to be selective abou
I have posted a similar question a few days ago on freebsd-questions
already but with no luck.
I'm attempting to configure road-warrior win2000 laptops to access a ipsec
server at the office. Since these win2000 laptops are dynamically assigned
ip addresses, sometimes even behind nat, it seems li
- Original Message -
From: "Soren Dossing" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, January 27, 2002 10:31 AM
Subject: ipsec, racoon, win2000, certifications, how-to?
> I have posted a similar question a few days ago on freebsd-questions
> already but with no luck.
>
> I
> Am 27.01.2002 um 02:11:30 schrieb Matthew Emmerton:
>
> Hi Matt,
>
> > Here's the patch that I wrote some time ago.
>
> thanks a lot!
> Did you send-pr the patch? It seems quite necessary to be added.
Not yet. One of the things that I don't like about this patch is that old
rules still stay ar
> Am 27.01.2002 um 00:41:23 schrieb Rogier R. Mulhuijzen:
>
> Hi Roger,
>
> > What sort of changes are you talking about here? Maybe there's a
different
> > way of going about it.
>
> I want to move an existing network from 91.0.0.0/8 to 172.16.0.0/16.
> Furthermore name resolution changes from w
(order of quoted mail slightly altered)
>I'm looking at making natd into a kernel option ("options IPNAT") and using
>a combination of sysctls and a front-end program to manage how nat operates,
>much like "options IPFIREWALL" and ipfw works today.
I've been kicking around the idea of making it
Matthew Emmerton wrote:
>
> > Am 27.01.2002 um 02:11:30 schrieb Matthew Emmerton:
> >
> > Hi Matt,
> >
> > > Here's the patch that I wrote some time ago.
> >
> > thanks a lot!
> > Did you send-pr the patch? It seems quite necessary to be added.
>
> Not yet. One of the things that I don't like a
You can also add rules that allow packets that are going over the INTERNAL
interface to skip the NAT divert rules.
then you'd only be doing it once.
On Sun, 27 Jan 2002, Andre Oppermann wrote:
> Matthew Emmerton wrote:
> >
> > > Am 27.01.2002 um 02:11:30 schrieb Matthew Emmerton:
> > >
> > > H
> (order of quoted mail slightly altered)
>
> >I'm looking at making natd into a kernel option ("options IPNAT") and
using
> >a combination of sysctls and a front-end program to manage how nat
operates,
> >much like "options IPFIREWALL" and ipfw works today.
I've been told that 'options IPFILTER'
On Sun, Jan 27, 2002 at 09:55:03AM -0500, Matthew Emmerton wrote:
> > Am 27.01.2002 um 02:11:30 schrieb Matthew Emmerton:
> >
> > Hi Matt,
> >
> > > Here's the patch that I wrote some time ago.
> >
> > thanks a lot!
> > Did you send-pr the patch? It seems quite necessary to be added.
>
> Not yet.
Julian Elischer writes:
> you need to attach the tty node to a tty using the regular
> terminal "line disciplin" methods.
> (similar to the way the ppp protocol handler is attached to a tty
> for kernel ppp)
Right.. you can only create an ng_tty node by installing it
as a line discipline, e.g., s
Am 27.01.2002 um 18:43:11 schrieb Andre Oppermann:
Hi Andre,
> Have a look at IPFILTER where IPNAT is part of. It does everything in
> the kernel.
to come back to my initial question: is there a way to modify ipnat
rules without breaking existing connections?
tia
/ch
--
"Contrary to popula
Am 27.01.2002 um 09:59:14 schrieb Matthew Emmerton:
Hi Matthew,
> Why not just add an IP alias for the "new" network on each machine? Each
> system will respond to packets directed to either network, but without the
> complexity of a NAT box in the middle. Once you've got everything switched,
> Am 27.01.2002 um 09:59:14 schrieb Matthew Emmerton:
>
> Hi Matthew,
>
> > Why not just add an IP alias for the "new" network on each machine?
Each
> > system will respond to packets directed to either network, but without
the
> > complexity of a NAT box in the middle. Once you've got everything
On Sun, Jan 27, 2002 at 09:53:56PM +0100, Clemens Hermann wrote:
> Am 27.01.2002 um 18:43:11 schrieb Andre Oppermann:
>
> Hi Andre,
>
> > Have a look at IPFILTER where IPNAT is part of. It does everything in
> > the kernel.
>
> to come back to my initial question: is there a way to modify ipnat
Archie do you want to check this in, or shall I?
Florent Parent wrote:
>
> --On 2002-01-18 21:30:00 -0800 [EMAIL PROTECTED] wrote:
> >> netgraph: sendto(.dummy): Bad address
> >
> > Hmm.. I wonder if the problem is that this has never worked :-)
>
> That would explain why I couldn't find any e
17 matches
Mail list logo
