freebsd-skq/etc
Paolo Pisati ff2f6fe80f Summer of Code 2005: improve libalias - part 2 of 2
With the second (and last) part of my previous Summer of Code work, we get:

-ipfw's in kernel nat

-redirect_* and LSNAT support

General information about nat syntax and some examples are available
in the ipfw (8) man page. The redirect and LSNAT syntax are identical
to natd, so please refer to natd (8) man page.

To enable in kernel nat in rc.conf, two options were added:

o firewall_nat_enable: equivalent to natd_enable

o firewall_nat_interface: equivalent to natd_interface

Remember to set net.inet.ip.fw.one_pass to 0, if you want the packet
to continue being checked by the firewall ruleset after being
(de)aliased.

NOTA BENE: due to some problems with libalias architecture, in kernel
nat won't work with TSO enabled nic, thus you have to disable TSO via
ifconfig (ifconfig foo0 -tso).

Approved by: glebius (mentor)
2006-12-29 21:59:17 +00:00
..
bluetooth Correct BD_ADDR entry for "Dummy" device in the default hcsecd.conf. 2006-05-18 17:53:49 +00:00
defaults Add auditd_program variable to defaults, in order to make it more clear 2006-11-06 15:11:24 +00:00
etc.amd64
etc.arm
etc.i386
etc.ia64
etc.powerpc Comment out ofw_console 'screen' entry and zs tty entries. 2005-09-10 22:46:03 +00:00
etc.sparc64 Remove last vestiges of sab(4). 2006-04-25 19:43:53 +00:00
gss Add a new extensible GSS-API layer which can support GSS-API plugins, 2005-12-29 14:40:22 +00:00
isdn Two years ago, in rev. 1.12, a typo slipped in etc/isdn/Makefile: 2006-03-07 09:53:11 +00:00
mail Finish adding _dhcp user. 2005-06-07 03:41:20 +00:00
mtree Move npe.4 to a machine specific manpage subdirectory. 2006-12-05 16:57:10 +00:00
namedb In accordance with my intentions announced (and not objected to) 2005-09-05 13:42:22 +00:00
pam.d Remove rexecd(8), a server that implements a particularly insecure 2005-06-10 20:52:36 +00:00
periodic The kvm_mkdb(8) is long dead. 2006-08-29 08:49:58 +00:00
ppp
rc.d Add "nojail" keyword to prevent spurious error messages. 2006-12-29 15:56:21 +00:00
root
sendmail Use new OSTYPE(freebsd6). 2005-06-14 02:25:17 +00:00
amd.map Switch default proto to TCP. 2006-11-06 01:42:11 +00:00
apmd.conf
auth.conf
cached.conf - Extend the nsswitch to support Services, Protocols and Rpc 2006-04-28 12:03:38 +00:00
crontab
csh.cshrc
csh.login
csh.logout
devd.conf Announce all interfaces to devd on attach/detach. This adds a new devctl 2006-06-01 00:41:07 +00:00
devfs.conf
dhclient.conf
disktab Replace duplicate and not quite accurate capabilities 2006-10-14 16:39:03 +00:00
fbtab
freebsd-update.conf Add FreeBSD Update 2.0 client code. The build code is in the projects 2006-08-31 09:51:34 +00:00
ftpusers Finish adding _dhcp user. 2005-06-07 03:41:20 +00:00
gettytab Add autologin entries (al.NNN) for higher console speeds. 2006-04-11 09:54:23 +00:00
group Assign gid 77 to audit instead of gid 73. The ports group list did not 2006-02-05 19:34:09 +00:00
hosts
hosts.allow Comment out lines that use example addresses and example.com names so 2006-08-29 09:20:48 +00:00
hosts.equiv
hosts.lpd
inetd.conf Re-add lukemftpd. It has: PAM, MAC, per-class nologin files, 2006-08-31 17:15:10 +00:00
libalias.conf Fix a regression: let natd load libalias modules before /usr is mounted 2006-10-08 14:02:00 +00:00
login.access
login.conf Add a short description of how a literal colon ':' can be inlined in the 2005-08-31 15:02:11 +00:00
mac.conf
Makefile Summer of Code 2005: improve libalias - part 1 of 2 2006-09-26 23:26:53 +00:00
man.alias
master.passwd Add _dhcp user/group as required by the OpenBSD dhclient. 2005-06-06 20:19:56 +00:00
minfree
motd
netconfig
netstart Remove reference to no longer existant /etc/rc.d/pccard. 2006-05-30 02:10:01 +00:00
network.subr Do not try to rtsol on pflog or pfsync devices. 2006-10-29 13:29:49 +00:00
networks
newsyslog.conf - Update etc/rc.d/newsyslog to FreeBSD standards and install it. 2005-03-02 00:40:55 +00:00
nls.alias
nscd.conf - Extend the nsswitch to support Services, Protocols and Rpc 2006-04-28 12:03:38 +00:00
nsmb.conf
nsswitch.conf Install /etc/nsswitch.conf statically rather than generating it at 2006-05-03 15:14:47 +00:00
opieaccess
pccard_ether Disable IPv6 configuration for interfaces in pccard_ether_start(). 2006-12-08 15:48:42 +00:00
pf.conf Document the user/group LOR in our sample pf.conf 2006-01-27 17:16:20 +00:00
pf.os Synchronize pf.os with OpenBSD. 2006-10-23 05:09:44 +00:00
phones Kill the default phone numbers. 2006-08-31 21:13:12 +00:00
portsnap.conf Add a warning pointing out that incomplete ports trees are not 2006-01-18 03:40:57 +00:00
printcap
profile
protocols Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
rc Attempt to make running the new rc in a jail more automatic by 2006-02-20 21:54:30 +00:00
rc.bsdextended Clean up, comment out non-base utilities, fix up comments. 2006-04-22 11:02:44 +00:00
rc.firewall Summer of Code 2005: improve libalias - part 2 of 2 2006-12-29 21:59:17 +00:00
rc.firewall6 Move etc/rc.firewall6 to ipfw2+v6, update related rc.d and periodic scripts. 2006-05-12 19:17:34 +00:00
rc.initdiskless - put some common code in a function handle_remount(); 2006-12-03 23:50:29 +00:00
rc.resume
rc.sendmail
rc.shutdown Introduce startup scripts from the local_startup directories to 2005-12-02 20:06:07 +00:00
rc.subr MFp4: 2006-12-27 13:15:33 +00:00
rc.suspend
remote
rpc
services o Add IANA assigned InterBase Database Remote Protocol 3050/tcp/udp. 2006-01-25 17:37:15 +00:00
shells
snmpd.config Add a (disabled) configuration line to enable snmp_bridge(3) module. 2006-12-20 22:10:34 +00:00
sysctl.conf
syslog.conf Fix a terrible braino in last commit. Put kern.debug back to /var/log/messages 2005-03-12 12:31:16 +00:00
termcap.small