From owner-freebsd-questions  Tue Aug 28 22:22:16 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from grumpy.dyndns.org (user-24-214-57-209.knology.net [24.214.57.209])
	by hub.freebsd.org (Postfix) with ESMTP id 1B03137B406
	for <freebsd-questions@FreeBSD.ORG>; Tue, 28 Aug 2001 22:22:12 -0700 (PDT)
	(envelope-from dkelly@grumpy.dyndns.org)
Received: from localhost (localhost [127.0.0.1])
	by grumpy.dyndns.org (8.11.3/8.11.4) with ESMTP id f7T5M3w74138;
	Wed, 29 Aug 2001 00:22:03 -0500 (CDT)
	(envelope-from dkelly@grumpy.dyndns.org)
Message-Id: <200108290522.f7T5M3w74138@grumpy.dyndns.org>
X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4
To: "Matthew Emmerton" <matt@gsicomp.on.ca>
Cc: freebsd-questions@FreeBSD.ORG
From: David Kelly <dkelly@hiwaay.net>
Subject: Re: getting nat to refresh its rules 
In-reply-to: Message from "Matthew Emmerton" <matt@gsicomp.on.ca> 
   of "Tue, 28 Aug 2001 23:04:59 EDT." <001301c13037$64fad820$1200a8c0@gsicomp.on.ca> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 29 Aug 2001 00:22:03 -0500
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

"Matthew Emmerton" writes:
> 
> However, I have one big beef with the current setup, and that is there is no
> easy way short of a reboot to get natd to re-read its configuration, as
> given by the -f option.  This means that if I add a new forwarding rule, I
> have to reboot the box to get natd to use its new configuration.

It would be nice if "kill -HUP `cat /var/run/natd.pid `" would cause it 
to refresh its rules. Something you could contribute in all the spare 
time those reliable FreeBSD firewalls will buy you.

You can restart natd something like this, even over an ssh link running
thru natd:

# ( sleep 2; kill -9 `cat /var/run/natd.pid`; /sbin/natd -f /etc/natd.conf ) >& /dev/null &

If between the first natd stopping and the next one starting your ssh 
link needs to send a packet then you'll lose the link. The above 
redirects stdout to protect against that happening.


-- 
David Kelly N4HHE, dkelly@hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message