RES: [FUGSPBR] NAT, IPFW e cia

Marcello Silva Coutinho marcelloc em trf1.gov.br
Seg Set 9 15:26:23 BRT 2002


>	Podem me dizer se o NATD/IPFW se da bem com aqueles protocolos mais
> "chatinhos" que requerem IP CRONTRACK ? estilo, DCC-SEND, em IRC, Envio
> de arquivos por Licq, realaudio streaming, e coisas do tipo?

no 'man natd', voce encontra:

     -punch_fw basenumber:count
		 This option directs natd to ``punch holes'' in an
		 ipfirewall(4) based firewall for FTP/IRC DCC connections.
		 This is done dynamically by installing temporary firewall
		 rules which allow a particular connection (and only that
con­
		 nection) to go through the firewall.  The rules are removed
		 once the corresponding connection terminates.

		 A maximum of count rules starting from the rule number
		 basenumber will be used for punching firewall holes.  The
		 range will be cleared for all rules on startup.


     -same_ports | -m
		 Try to keep the same port number when altering outgoing
pack­
		 ets.  With this option, protocols such as RPC will have a
		 better chance of working.  If it is not possible to
maintain
		 the port number, it will be silently changed as per normal.


att,
Marcello Silva Coutinho
________________________________________________
Para sair da lista visite o URL abaixo:
http://www2.fugspbr.org/mailman/listinfo/fugspbr



Mais detalhes sobre a lista de discussão freebsd