Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Jan 2015 16:24:46 -0500
From:      John Baldwin <jhb@freebsd.org>
To:        Olivier =?ISO-8859-1?Q?Cochard=2DLabb=E9?= <olivier@cochard.me>
Cc:        svn-src-head <svn-src-head@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>, src-committers <src-committers@freebsd.org>
Subject:   Re: svn commit: r277714 - head/sbin/ipfw
Message-ID:  <2669297.0BvAQ4C19U@ralph.baldwin.cx>
In-Reply-To: <CA%2Bq%2BTcr1fNz70Y6%2B0NeWDLx2Bszk1B0M%2B4_Cv2uMayBsNc6pRQ@mail.gmail.com>
References:  <201501252037.t0PKbXNW070662@svn.freebsd.org> <CA%2Bq%2BTcr1fNz70Y6%2B0NeWDLx2Bszk1B0M%2B4_Cv2uMayBsNc6pRQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Monday, January 26, 2015 09:34:39 PM Olivier Cochard-Labb=E9 wrote:
> On Sun, Jan 25, 2015 at 9:37 PM, John Baldwin <jhb@freebsd.org> wrote=
:
> > Author: jhb
> > Date: Sun Jan 25 20:37:32 2015
> > New Revision: 277714
> > URL: https://svnweb.freebsd.org/changeset/base/277714
> >=20
> > Log:
> >   natd(8) will work with an unconfigured interface and effectively =
not do
> >   anything until the interface is assigned an address.  This fixes
> >   ipfw_nat to do the same by using an IP of INADDR_ANY instead of
> >   aborting the nat setup if the requested interface is not yet conf=
igured.
>=20
> Hi,
>=20
> I've still a problem with ipfw_nat and unconfigured interface:
> On my setup I'm using ipfw with NAT rules using an OpenVPN tunnel int=
erface
> as source address for NATting.
>=20
> During the machine startup, ipfw is started before openvpn (hopefully=
) and
> its configuration mention do to NAT using tun0 IP address.
> Then OpenVPN start and create a tun0 and set an IP address on it.
> =3D> But no unicast traffic is allowed on this tun0 interface until I=
 restart
> ipfw.
>=20
> If I correctly understand the log of this commit: This behavior shoul=
d be
> fixed by this commit, right ?

It might.  What happened for me is that I was using nat over wlan0 for =
VM's
on my laptop to reach the outside world, but wlan0 doesn't get an IP un=
til
later in the boot after it associates.  As a result, wlan0 wasn't passi=
ng any
IP traffic until this fix (or if I reloaded ipfw after wlan0 was config=
ured).

--=20
John Baldwin

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2669297.0BvAQ4C19U>