From owner-freebsd-net@FreeBSD.ORG Fri Jun 18 18:16:49 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B6CAD106567E for ; Fri, 18 Jun 2010 18:16:49 +0000 (UTC) (envelope-from prvs=1785ab736e=killing@multiplay.co.uk) Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23]) by mx1.freebsd.org (Postfix) with ESMTP id 3FBEE8FC1D for ; Fri, 18 Jun 2010 18:16:48 +0000 (UTC) X-MDAV-Processed: mail1.multiplay.co.uk, Fri, 18 Jun 2010 19:05:44 +0100 X-Spam-Processed: mail1.multiplay.co.uk, Fri, 18 Jun 2010 19:05:43 +0100 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on mail1.multiplay.co.uk X-Spam-Level: X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST shortcircuit=ham autolearn=disabled version=3.2.5 Received: from r2d2 by mail1.multiplay.co.uk (MDaemon PRO v10.0.4) with ESMTP id md50010597769.msg for ; Fri, 18 Jun 2010 19:05:23 +0100 X-Authenticated-Sender: Killing@multiplay.co.uk X-MDRemoteIP: 188.220.16.48 X-Return-Path: prvs=1785ab736e=killing@multiplay.co.uk X-Envelope-From: killing@multiplay.co.uk X-MDaemon-Deliver-To: freebsd-net@freebsd.org Message-ID: From: "Steven Hartland" To: Date: Fri, 18 Jun 2010 19:01:49 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5931 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5931 Cc: liv3d@multiplay.co.uk, geedee@multiplay.co.uk Subject: FreeBSD 8.x + multiple ip ipnat = hard lock X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jun 2010 18:16:49 -0000 We're trying to get the following config working but as soon as we try to assign an outbound range to in ipnat.rules the machine will hard lock, not even capslock light will activate. [rc.conf] defaultrouter="217.41.248.1" ifconfig_em0="inet 217.41.248.10 netmask 255.255.255.0" ifconfig_em0_alias0="inet 217.41.248.192/32" ifconfig_em0_alias1="inet 217.41.248.193/32" ipfilter_enable="YES" ipfilter_rules="/etc/ipf.rules" ipv6_ipfilter_rules="" ipfilter_flags="-D -T ipf_nattable_sz=10009,ipf_nattable_max=300000 -E" ipmon_enable="YES" ipmon_flags="-Ds" ipnat_enable="YES" ipnat_rules="/etc/ipnat.rules" [/rc.conf] [ipnat.rules] map em0 10.10.98.0/23 -> 217.41.248.192/31 portmap tcp/udp auto map em0 10.10.98.0/23 -> 217.41.248.192/31 [/ipnat.rules] also tried: [ipnat.rules] map em0 10.10.98.0/23 -> 217.41.248.192/31 [/ipnat.rules] If we change to a /32 all is fine. It can take a few mins to hang but hang it always does. We've swapped out the hardware and upgraded from 8.0 to 8.1-PRE but no change. Does anyone have any ideas what this could be or how do debug? Regards Steve ================================================ This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmaster@multiplay.co.uk.