From owner-freebsd-bugs  Fri Sep 14  3:40: 6 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 7D29737B405
	for <freebsd-bugs@hub.freebsd.org>; Fri, 14 Sep 2001 03:40:02 -0700 (PDT)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f8EAe2k40370;
	Fri, 14 Sep 2001 03:40:02 -0700 (PDT)
	(envelope-from gnats)
Date: Fri, 14 Sep 2001 03:40:02 -0700 (PDT)
Message-Id: <200109141040.f8EAe2k40370@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Bill Fumerola <billf@mu.org>
Subject: Re: misc/30571: Error handling by natd causes all communications to cease when ambiguous statement exists in natd.conf making remote administration to fix impossible.
Reply-To: Bill Fumerola <billf@mu.org>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR misc/30571; it has been noted by GNATS.

From: Bill Fumerola <billf@mu.org>
To: Bill Daniel <vlaad@baldfewls.net>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/30571: Error handling by natd causes all communications to cease when ambiguous statement exists in natd.conf making remote administration to fix impossible.
Date: Fri, 14 Sep 2001 05:32:56 -0500

 On Fri, Sep 14, 2001 at 01:03:49AM -0700, Bill Daniel wrote:
 
 > My preference, being security minded, would be to simply abort loading the natd
 > at all when an ambiguous statement is found. and hopefully this would make a
 > *lot* of "noise" via syslog :)
 
 you're diverting all your traffic to a divert socket that isn't being
 serviced by any process. you're diverting it because the ipfw rule is
 still there. no process is servicing it because natd "simply abort[ed]
 loading".
 
 so I'm unclear where a problem is, other then in your ability to check
 config files twice before pushing the magic button to reboot.
 
 useful thing to do: in natd.c change the warnx() call in ParseOption()
 to a Warn() call, to make your requested noise. you won't see the noise
 because you have no connectivity....
 
 -- 
 - bill fumerola / fumerola@yahoo-inc.com / billf@FreeBSD.org / billf@mu.org
 
 
 ps. why are you rebooting for natd changes anyways?
 pps. serial consoles / out of band are cheaper and quicker then remote hands.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message