Date: Thu, 29 Jul 2010 16:55:09 +0200 From: umage <theultramage@gmail.com> To: freebsd-questions@freebsd.org Subject: ipfw+natd startup order fixing Message-ID: <4C51964D.9090701@gmail.com>
next in thread | raw e-mail | index | archive | help
Hi there, a few months ago I inquired about an issue where using ipfw+natd worked on 8.0 but produced errors in 8.1. After searching the bugs database, I found multiple reports about it - http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/148137 and http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/148928. Both suggest manually loading ipdivert as a workaround, and fixing the rc scripts as solution. The offending changeset is http://svn.freebsd.org/viewvc/base/stable/8/etc/rc.d/ipfw?r1=196045&r2=203962, where natd was changed to be run as a post-cmd instead of a pre-cmd. According to svn, this defect has not been addressed in HEAD yet. I've tried modifying the rc scripts, so that natd becomes a dependency of ipfw - which ought to make it start. However, the rc script is marked as KEYWORD: nostart, which excludes it from the normal startup process and from the listing of 'services -r' (finally noticed this). So an alternative way to fix this would to make natd a standalone script, add a rc dependency, and remove the 'firewall_coscript' juggling in ipfw's rc script. What's the best way to get this problem fixed in svn?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C51964D.9090701>