From owner-freebsd-stable Sat Jan 27 6:39:19 2001 Delivered-To: freebsd-stable@freebsd.org Received: from arianna.webcraft99.alt (unknown [202.151.212.19]) by hub.freebsd.org (Postfix) with ESMTP id F3A4D37B69E for ; Sat, 27 Jan 2001 06:39:01 -0800 (PST) Received: from jenna.webcraft99.alt (jenna.webcraft99.alt [192.168.1.22]) by arianna.webcraft99.alt (AriAnnA) with ESMTP id AA1907C20; Sat, 27 Jan 2001 23:04:04 +0800 (MYT) Received: from webcraft99.com (lexus.webcraft99.alt [192.168.1.31]) by jenna.webcraft99.alt (JEnnA) with ESMTP id DA09C3DB2; Sat, 27 Jan 2001 22:43:45 +0800 (MYT) Message-ID: <3A72DEA1.A31EC401@webcraft99.com> Date: Sat, 27 Jan 2001 22:43:45 +0800 From: Feisal Umar Organization: Webcraft Sdn Bhd (http://www.webcraft99.com) X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-stable@freebsd.org, ipfilter@coombs.anu.edu.au Subject: IPFILTER 3.4.16 and FreeBSD-4.2 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi Are the startup scripts for FreeBSD-4.2 broken for IPFILTER/IPNAT support? I have a gateway machine configured with IPFILTER/IPNAT via the rc.conf with the following entries: ipfilter_enable="YES" ipfilter_flags="" ipnat_enable="YES" ipmon_enable="YES" Hosts behind the GATEWAY can't traverse to outside via the NAT after the GATEWAY is rebooted with a new Kernel Build (yesterday). I had to manually specify "ipnat -CF -f /etc/ipnat.rules" before everything works as normal. Ipmon behaviour has also changed, ie nothing is being passed to syslog except an entry saying ipmon was started. I can't find anything is the system logs to suggest anything is amiss. PS: Everything was working A-OK prior to yesterday's build (except that ipmon_enable wasn't supported). My IPfilter isn't the stock 3.4.8. Hasn't been a problem before. Thanks for any inputs or pointers. -- Feisal Umar Webcraft Sdn Bhd - http://www.webcraft99.com You cannot kill time without injuring eternity. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message