From owner-freebsd-questions@FreeBSD.ORG Thu Jul 29 15:22:33 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A6F47106567C for ; Thu, 29 Jul 2010 15:22:33 +0000 (UTC) (envelope-from theultramage@gmail.com) Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id 30B288FC1B for ; Thu, 29 Jul 2010 15:22:32 +0000 (UTC) Received: by bwz12 with SMTP id 12so298421bwz.13 for ; Thu, 29 Jul 2010 08:22:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:x-enigmail-version:content-type :content-transfer-encoding; bh=0FmhL4iNSW6BKPB9CckdZq2wl+MqRdwg+YEzM++bYrQ=; b=eyCsouOpgYKnwGR7P+7qfYeTv9dc68owGnsj6ujLhURbKLaTPB6E3Nv/Y1iFdz3U57 Yb1dppQNlAn8UpWiLP+5PUj4tg9+EBf+9gMhExhSZuBkVfj1vV/Ngy8F7nZOJ4fNSXwX OhcXk2fbTCFT8IB2zbAkKkQiZ812hcP6tF9Gk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :x-enigmail-version:content-type:content-transfer-encoding; b=cY5PVx79HWjUxF4YzzIAMzpW9R/JA/AihjGi2dw5I0r6fM9aKikj4y6l3bpm9iIwkA vqPlo+JVXzDzwe6Dd8XPg84BbbKWY364JryLfVOXSBquvwvRvH0lEixVjc2iWQO97aRR BTxdZ9wTql+QDf9ZHF0R91bxYQ6YBhbUiutIM= Received: by 10.204.81.130 with SMTP id x2mr104229bkk.210.1280415315601; Thu, 29 Jul 2010 07:55:15 -0700 (PDT) Received: from [192.168.0.31] (217-75-87-8.chassco.swan.sk [217.75.87.8]) by mx.google.com with ESMTPS id 24sm687159bkr.19.2010.07.29.07.55.14 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 29 Jul 2010 07:55:15 -0700 (PDT) Message-ID: <4C51964D.9090701@gmail.com> Date: Thu, 29 Jul 2010 16:55:09 +0200 From: umage User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.7) Gecko/20100713 Lightning/1.0b2 Thunderbird/3.1.1 MIME-Version: 1.0 To: freebsd-questions@freebsd.org X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: ipfw+natd startup order fixing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jul 2010 15:22:33 -0000 Hi there, a few months ago I inquired about an issue where using ipfw+natd worked on 8.0 but produced errors in 8.1. After searching the bugs database, I found multiple reports about it - http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/148137 and http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/148928. Both suggest manually loading ipdivert as a workaround, and fixing the rc scripts as solution. The offending changeset is http://svn.freebsd.org/viewvc/base/stable/8/etc/rc.d/ipfw?r1=196045&r2=203962, where natd was changed to be run as a post-cmd instead of a pre-cmd. According to svn, this defect has not been addressed in HEAD yet. I've tried modifying the rc scripts, so that natd becomes a dependency of ipfw - which ought to make it start. However, the rc script is marked as KEYWORD: nostart, which excludes it from the normal startup process and from the listing of 'services -r' (finally noticed this). So an alternative way to fix this would to make natd a standalone script, add a rc dependency, and remove the 'firewall_coscript' juggling in ipfw's rc script. What's the best way to get this problem fixed in svn?