Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 20 Feb 2001 07:58:37 +0100 (CET)
From:      Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   conf/25223: PATCH for rc.network to enable ipnat seperately from ipfilter
Message-ID:  <200102200658.f1K6wb352425@curry.mchp.siemens.de>
index | next in thread | raw e-mail 


>Number:         25223
>Category:       conf
>Synopsis:       PATCH for rc.network to enable ipnat seperately from ipfilter
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Feb 19 23:00:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Andre Albsmeier
>Release:        FreeBSD 4.2-STABLE i386
>Organization:
>Environment:

All FreeBSD machines that support ipfilter

>Description:

The current way of initialasing ipfilter during system boot
makes it very hard to use ipnat without ipfilter since
${ipfilter_enable} must be "yes" in order to get ${ipnat_enable}
evaluated at all.


>How-To-Repeat:

Try a config in rc.network where ipnat rules are loaded and
ipfilter stuff is left alone.

>Fix:

Move ${ipnat_enable} stuff out of the ${ipfilter_enable}
conditional. Don't know if the ipmon stuff should
be seperate as well...

--- rc.network.ORI	Mon Jan 15 15:21:37 2001
+++ rc.network	Tue Feb 20 07:49:18 2001
@@ -60,20 +60,20 @@
 				${ipmon_program:-/sbin/ipmon} ${ipmon_flags}
 				;;
 			esac
-			case "${ipnat_enable}" in
-			[Yy][Ee][Ss])
-				if [ -r "${ipnat_rules}" ]; then
-					echo -n ' ipnat';
-				eval ${ipnat_program:-/sbin/ipnat -CF -f} \
-					"${ipnat_rules}" ${ipnat_flags}
-				else
-					echo -n ' NO IPNAT RULES'
-				fi
-				;;
-			esac
 		else
 			ipfilter_enable="NO"
 			echo -n ' NO IPF RULES'
+		fi
+		;;
+	esac
+	case "${ipnat_enable}" in
+	[Yy][Ee][Ss])
+		if [ -r "${ipnat_rules}" ]; then
+			echo -n ' ipnat';
+			eval ${ipnat_program:-/sbin/ipnat -CF -f} \
+			   "${ipnat_rules}" ${ipnat_flags}
+		else
+			echo -n ' NO IPNAT RULES'
 		fi
 		;;
 	esac
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102200658.f1K6wb352425>