From: Morgan Reed
Date: Fri, 23 Nov 2012 17:16:40 +1100
Subject: Re: natd in a jail
To: Dewayne Geraghty, freebsd-stable@freebsd.org

On Thu, Nov 22, 2012 at 10:36 PM, Morgan Reed wrote:
> BPF is enabled for the jails, and the traffic is getting to where it
> needs to (but not via natd). I'll try enabling raw_sockets in the
> jails, it is entirely conceivable that natd requires that
> functionality.

So it turns out I'd not brought bpf into the jails, however even with
that and raw_sockets enabled I'm still having no joy with natd.

I've been looking at ipfw a bit today but I've run into an issue,
loading ipfw_nat causes my kernel to instantly panic, I need to
recompile with KDB and DDB turned on so I can actually catch the trace
though...

Might look at netgraph before going too far down that path.