From owner-freebsd-questions Thu Jan 17 16:29:36 2002
From: "tony"
To: "Dustin Puryear",
Subject: RE: Using natd
Date: Thu, 17 Jan 2002 19:29:11 -0500
In-Reply-To: <3c47528e.421655378@dpbox.dhs.org>

I use this little script when I need to restart natd remotely. I find that it takes a little while to die and that trying to restart it at just the right time is a hit-or-miss deal. Just put this in your path somewhere and set it chmod +x

restartnatd.sh

#!/bin/sh
# Stop natd and give it time to exit
echo 'Killing natd'
killall natd
echo 'sleeping for 5 seconds'
sleep 5
ps -aux | grep natd.conf
echo 'sleeping for 5 seconds'
sleep 5
echo 'Should be dead now'
echo 'ps -aux |grep natd'
ps -aux | grep natd.conf
echo 'sleeping for 5 seconds'
sleep 5
# Start natd again and show the new process
echo 'should be restarted now'
/sbin/natd -f /etc/natd.conf -n ed0
ps -aux | grep natd.conf

I know 15 seconds may be too long to wait, but on the other hand this NEVER fails, unless of course your natd.conf file has an error, then you're still stuck :) You could modify this file to sleep for an additional minute or so and then reload, say, natd.default, and as long as you had another window open you could just kill the script if the new natd works ;) If not, it would restart natd yet again with a known working config..... Anyway, don't forget to change the ed0 to whatever your network card is :)

As for your other questions, I don't know, sorry :)

-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG] On Behalf Of Dustin Puryear
Sent: Thursday, January 17, 2002 5:48 PM
To: freebsd-questions@FreeBSD.ORG
Subject: Using natd

I read the manpage for natd, and in fact am using it now, but still have a few questions, as follows:

* Can someone better explain -deny_incoming? Without setting that option, will natd just pass incoming requests to the localhost? I'm a bit unclear on this issue.

* Does anyone use the -log option? Is this purely for troubleshooting? I tried the -log option as an experiment, but didn't see any meaningful, for my purposes at least, data being generated.

* Does anyone use -punch_fw, or do you just statically build your firewall rules? I'm not sure I see an advantage to -punch_fw unless it is simply for ease of firewall management.

* Can I alter the natd running configuration without rebooting the machine? I tried killing the process once so that I could reload and the network on the test machine promptly went down from the remote end.

Regards, Dustin

---
Dustin Puryear
Information Systems Consultant
http://members.telocity.com/~dpuryear
In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
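
Added example (not part of the original messages or of FreeBSD): the same kill, wait, restart sequence, but polling the PID until natd is really gone instead of sleeping a fixed time, with the timed fall-back to a known-good config suggested in the reply. It assumes natd writes its PID to /var/run/natd.pid; the variable names and the path /etc/natd.default are this example's own.

```shell
#!/bin/sh
# Added example, not from the original message. Assumes natd writes its PID
# to /var/run/natd.pid (override PIDFILE if yours differs).
NATD=${NATD:-/sbin/natd}
PIDFILE=${PIDFILE:-/var/run/natd.pid}
IFACE=${IFACE:-ed0}                      # change to your network card
CONF=${CONF:-/etc/natd.conf}
FALLBACK=${FALLBACK:-/etc/natd.default}  # assumed path of a known-good copy

# stop_by_pidfile FILE TIMEOUT
# Send TERM to the PID in FILE and poll until it is gone.
# Returns 0 = exited or not running, 1 = still alive after TIMEOUT seconds,
# 2 = FILE does not hold a usable PID.
stop_by_pidfile() {
    file=$1; timeout=$2; waited=0
    [ -r "$file" ] || return 0
    pid=$(cat "$file")
    case $pid in ''|*[!0-9]*) return 2 ;; esac
    [ "$pid" -gt 1 ] || return 2         # never signal PID 0 (own group) or init
    kill -TERM "$pid" 2>/dev/null || return 0
    while kill -0 "$pid" 2>/dev/null; do
        [ "$waited" -ge "$timeout" ] && return 1
        sleep 1
        waited=$((waited + 1))
    done
    return 0
}

start_natd() { $NATD -f "$1" -n "$IFACE"; }

# restart_natd GRACE
# Restart with $CONF. If GRACE > 0, wait GRACE seconds and then roll back to
# $FALLBACK; interrupt the script during the wait to keep the new config.
restart_natd() {
    grace=$1
    stop_by_pidfile "$PIDFILE" 15 || return 1
    if ! start_natd "$CONF"; then        # natd exited non-zero at startup
        start_natd "$FALLBACK"
        return 3
    fi
    [ "$grace" -gt 0 ] || return 0
    sleep "$grace"
    stop_by_pidfile "$PIDFILE" 15 && start_natd "$FALLBACK"
}

# Only act when asked to: sh restartnatd.sh --run [grace-seconds]
if [ "${1:-}" = "--run" ]; then
    restart_natd "${2:-60}"
fi
```

Run it as root with `--run 60` from one session and interrupt it from that session once the new configuration is confirmed working; if the link drops, the rollback happens without operator input.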