Date: Sun, 23 Dec 2001 13:33:11 +0000 From: Josh Paetzel <friar_josh@webwarrior.net> To: Roger Savard <Unix@henoc.com> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: NATD/IPFW in Pre-Release 4.5 does not work Message-ID: <20011223133311.C237@twincat.vladsempire.net> In-Reply-To: <1009132211.259.4.camel@JSBach.henocoffice.com>; from Unix@henoc.com on Sun, Dec 23, 2001 at 01:30:11PM -0500 References: <1009132211.259.4.camel@JSBach.henocoffice.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 23, 2001 at 01:30:11PM -0500, Roger Savard wrote: > Hi, > > Since this morning I noticed that natd conflicts with the ipfw rules. > My userland is in sync with the kernel but I had to fall back to > (kernel.old) my last kernel. > > Content in /etc/rc.conf > firewall_enable="YES" # Set to YES to enable firewall > functionality > firewall_script="/etc/rc.firewall" # Which script to run to set up the > firewall > firewall_type="open" # Firewall type (see /etc/rc.firewall) > firewall_quiet="NO" # Set to YES to suppress rule display > natd_program="/sbin/natd" # path to natd, if you want a different > one. > natd_enable="YES" # Enable natd (if firewall_enable == > YES). > natd_interface="fxp1" # Public interface or IPaddress to use. > natd_flags="-u -dynamic" # Additional flags for natd. > > In /var/log/console I noticed: > Dec 23 07:45:14 Haydn /kernel: Kernel firewall module loaded > Dec 23 07:45:14 Haydn /kernel: Flushed all rules. > Dec 23 07:45:14 Haydn /kernel: ip_fw_ctl: invalid command > Dec 23 07:45:14 Haydn /kernel: ipfw: > Dec 23 07:45:14 Haydn /kernel: getsockopt(IP_FW_ADD) > Dec 23 07:45:14 Haydn /kernel: : > Dec 23 07:45:14 Haydn /kernel: Invalid argument > Dec 23 07:45:14 Haydn /kernel: 00100 > Dec 23 07:45:14 Haydn /kernel: allow > Dec 23 07:45:14 Haydn /kernel: ip > > The natd rule is not added as if there was a typo in either > the /etc/rc.firewall or /etc/rc.conf but with last week's kernel > there is no error. > > Anyone else noticed that? > > Thanks again. No. I have 2 different boxes running 4.5-PRERELEASE and natd with no issues. Are you sure installworld didn't b0mb when you updated? You don't mention when you cvsupped, but I'm going to cvsup and rebuild one of the boxes right now. I'll let you know in about 2 hours if there are any problems that crop up with natd. Josh > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011223133311.C237>