From owner-freebsd-questions@FreeBSD.ORG Sat Jun 18 10:51:50 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0BF2E16A41C for ; Sat, 18 Jun 2005 10:51:50 +0000 (GMT) (envelope-from xfb52@dial.pipex.com) Received: from smtp-out2.blueyonder.co.uk (smtp-out2.blueyonder.co.uk [195.188.213.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9F6F443D55 for ; Sat, 18 Jun 2005 10:51:48 +0000 (GMT) (envelope-from xfb52@dial.pipex.com) Received: from [82.41.37.55] ([82.41.37.55]) by smtp-out2.blueyonder.co.uk with Microsoft SMTPSVC(5.0.2195.6713); Sat, 18 Jun 2005 11:52:28 +0100 Message-ID: <42B3FCC3.6030202@dial.pipex.com> Date: Sat, 18 Jun 2005 11:51:47 +0100 From: Alex Zbyslaw User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.8) Gecko/20050530 X-Accept-Language: en, en-us, pl MIME-Version: 1.0 To: Joe References: <20050618023137.10742.qmail@web41014.mail.yahoo.com> In-Reply-To: <20050618023137.10742.qmail@web41014.mail.yahoo.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 18 Jun 2005 10:52:28.0744 (UTC) FILETIME=[D200C480:01C573F3] Cc: freebsd-questions@freebsd.org Subject: Re: SMP and networking under FreeBSD 5.3 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Jun 2005 10:51:50 -0000 Joe wrote: >Okay, back on topic. > >I've changed my rules in ipfw, and no longer get the hostname .. >messages. > >Now natd does not start and it complains 'unable to bind divert >socket, and then cant assign requested address'. I'm using: > >natd_enable="YES" >natd_interface="dc0" >natd_flags="-dynamic -d -log_ipfw_denied -log_denied" > > These are my parameters below which definitely work -- or you wouldn't be seeing this email :) I can't see anything obviously wrong with yours; what I would suggest is to start with just "-dynamic" since that's the only one that's *required* for this setup to work and see how that does. I can't find your original rules: I assume that a) dc0 *is* your external interface (typos are a common source of errors, though I don't think that's the case here) b) you have an ifconfig_dc0="DHCP" line in /etc/rc.conf. natd_enable="YES" # Natd packet translation natd_flags="-log -log_denied -dynamic" natd_interface="sis0" ifconfig_sis0="DHCP" # External network At startup I get a message like: Jun 18 10:38:58 natd[701]: Aliasing to 0.0.0.0, mtu 1500 bytes just after the firewall rules start up. The divert rule in my firewall says: ipfw add divert natd all from any to any via ${natd_interface} If you have static rules rather than a script then you need ${natd_interface} to be replaced directly with dc0. The other things to check, I guess, are that those are the *only* natd lines you have: egrep natd /etc/rc.conf /etc.rc.conf.local --Alex