Re: [Nufw-users] NuFW and NAT/Route

nufw-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nufw-users] NuFW and NAT/Route

From:	Vincent Deffontaines
Subject:	Re: [Nufw-users] NuFW and NAT/Route
Date:	Mon, 24 Jan 2005 15:40:33 +0100 (CET)
User-agent:	SquirrelMail/1.4.3a

Lockenvitz Jan EXT a écrit :
> Hi,
>
> it's me again ;-)
>
> Is NuFW able to add NAT rules for each user to the FW ?
>
> Is NuFW able to handle handle other targets than ACCEPT and DROP,
> especially ROUTE?
>
> I need it one of them for my roadworriers to get the routing OK
>
> Thanx,
> Jan

Hmmm, quick answer is no.
NuFW is about IP filtering, hence only is concerned with the Netfilter's
"filter" table.

The libipq allows only for two possible decisions : ACCEPT or DROP. It is
not possible to have nufw send any other information, routing decision,
nat rule or anything back to the kernel.

This is a kernel limitation, not one of NuFW.

Usually, the NAT rule of a firewall contains only very few, fixed rules ;
I'm not sure I understand what you're trying to do.

By the way, NuFW and QUEUE stuff are only about the gateway. NuFW has
absolutely nothing to do with routing decisions or filter rules on the
clients machines. The nutcpc (and other client programs) are 100%
userspace application, which [very] basically act based on what "netstat"
shows.

Vincent

[Prev in Thread]

Current Thread

[Next in Thread]

[Nufw-users] NuFW and NAT/Route, Lockenvitz Jan EXT, 2005/01/24
- Re: [Nufw-users] NuFW and NAT/Route, Vincent Deffontaines <=
  - Re: [Nufw-users] NuFW and NAT/Route, Eric Leblond, 2005/01/24

Prev by Date: [Nufw-users] NuFW and NAT/Route
Next by Date: Re: [Nufw-users] nutcpc does not recognise outgoing packets
Previous by thread: [Nufw-users] NuFW and NAT/Route
Next by thread: Re: [Nufw-users] NuFW and NAT/Route
Index(es):
- Date
- Thread