From: Nick Rogness
Date: Fri, 4 May 2001 23:25:28 -0500 (CDT)
To: Ruslan Ermilov
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: /etc/rc.network and natd_enable
In-Reply-To: <20010504101259.A58642@sunbay.com>

On Fri, 4 May 2001, Ruslan Ermilov wrote:

> On Thu, May 03, 2001 at 05:17:17PM -0500, Nick Rogness wrote:
> >
> > In 4.2-STABLE, /etc/rc.network has entries to turn on natd. However,
> > natd does not get enabled if you don't specify natd_interface.
> > What if you have setup stored in a configuration file and do not
> > wish to supply an interface flag in /etc/rc.conf? Well, natd does
> > not turn on!
> >
> > Would it make more sense to do something like (pseudo-ish code):
> >
> >     if (natd_enable = YES)
> >
> >         if (natd_interface defined)
> >             natd -n $natd_interface $natd_flags
> >         elif (natd_flags defined)
> >             natd $natd_flags
> >         fi
> >     fi
> >
> > It would allow for people to not specify a natd_interface but still
> > be able to run natd out of rc.conf. What does everyone think of
> > this?
> >
> > I guess you pay the penalty if someone doesn't set up the flags
> > properly but I guess you could write that off as a config error
> > anyways.
> >
> ${natd_interface} is required to set up the ``divert natd'' rule
> from /etc/rc.firewall.
>

Damn! And if someone enters an IP as natd_interface...do the firewall
rules error out? (haven't tried it but looks as if it would)

I would suspect that if the user doesn't specify natd_interface in
rc.conf that he would have to be aware that the firewall rule for nat
did not get added. I don't necessarily think that's a bad thing...but
maybe it is.

Nick Rogness
 - Keep on Routing in a Free World...
   "FreeBSD: The Power to Serve!"
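
The start-up decision discussed in this thread, written out as runnable sh. This is an added example, not code from the thread or from FreeBSD's rc.network; the function names is_ipv4, natd_cmdline and divert_rule_note are hypothetical, and passing an address with natd's -a option instead of -n is an assumption about how the IP case could be handled.

```shell
#!/bin/sh
# Added illustration, not FreeBSD's rc.network. Function names are hypothetical.

# True when $1 looks like a dotted-quad IPv4 address (octet ranges not checked).
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
        *.*.*.*.*) return 1 ;;
        *.*.*.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the natd command line for rc.conf-style values, or return 1
# when natd should not be started. Args: natd_enable natd_interface natd_flags
natd_cmdline() {
    case "$1" in
        [Yy][Ee][Ss]) ;;
        *) return 1 ;;
    esac
    if [ -n "$2" ]; then
        # Assumption: an address is passed with -a, an interface name with -n.
        if is_ipv4 "$2"; then opt=-a; else opt=-n; fi
        echo "natd $opt $2${3:+ $3}"
    elif [ -n "$3" ]; then
        echo "natd $3"          # e.g. flags naming a configuration file
    else
        return 1                # enabled, but nothing says how to run it
    fi
}

# Say what the operator should expect for the ``divert natd'' firewall rule,
# which the thread notes is built from natd_interface.
divert_rule_note() {
    if [ -z "$1" ]; then
        echo "warn: natd_interface unset, divert natd rule will not be added"
    elif is_ipv4 "$1"; then
        echo "check: natd_interface is an address, verify the divert rule loads"
    else
        echo "ok: divert natd rule uses interface $1"
    fi
}

# Constructed sample: natd configured only through a config file.
natd_cmdline YES "" "-f /etc/natd.conf"
divert_rule_note ""
```

The warning branch covers the case raised above: natd runs from its flags alone, while the packet filter never gets the rule that diverts traffic to it.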