From owner-freebsd-stable@FreeBSD.ORG Mon May 30 05:49:43 2005 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2BF9E16A41C for ; Mon, 30 May 2005 05:49:43 +0000 (GMT) (envelope-from smartweb@leadhill.net) Received: from natco3.natcotech.com (natco3.natcotech.com [205.167.142.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id C094743D1F for ; Mon, 30 May 2005 05:49:42 +0000 (GMT) (envelope-from smartweb@leadhill.net) Received: from ibm.nlcc.us (ldhl-ras1-dial-12-28-24-127.natcotech.com [12.28.24.127]) by natco3.natcotech.com (Postfix) with ESMTP id 478BC62DC7 for ; Mon, 30 May 2005 00:49:41 -0500 (CDT) Received: (qmail 49395 invoked by uid 89); 30 May 2005 05:49:40 -0000 Received: from unknown (HELO ?192.168.0.2?) (billy@192.168.0.2) by ibm.nlcc.us with SMTP; 30 May 2005 05:49:40 -0000 Message-ID: <429AA973.1090602@leadhill.net> Date: Mon, 30 May 2005 00:49:39 -0500 From: Billy Newsom User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040616 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-stable@freebsd.org References: <007f01c561b0$ff758f40$cbc1a10a@Curs3> <42962E7D.6080609@leadhill.net> In-Reply-To: <42962E7D.6080609@leadhill.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: 5-Stable (5.4) any ipnat changes? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 May 2005 05:49:43 -0000 Billy Newsom wrote: > Okay, I'm going to dig up someone who might be responsible or might be > able to fix it. Two strikes while doing the same upgrade... While I'm > thinking about it, would you see if it happens on the next reboot? I > haven't tried, because my system is a firewall that I need to keep up > most of the time (I'm behind it right now), but I will definitely see if > it happens again soon. > > I am going to check some cvs checkins in the last three months or so and > see if I can track down a change. > > As for the custom kernel, I wonder if we both need to post the details > of our custom kernel to this list for others to see? I wonder if the > problem is only with certain kernel switches. I am attaching my kernel > (with no comments) to this email. Let me know if it's easier to read > with the comments in it, because a lot of the generic kernel fluff has > been removed for sake of speed. > (Replying to self) Well, I filed a PR for this at http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/81606 So if anyone wants to follow it, watch that. I looked at the changes to ipnat, (like ip_nat.c) and found that Darren Reed and Robert Watson seem have put in some changes to the ipfilter code to bring it up to the current release used in Solaris (4.1.8 from 3.4.35 I believe). They had it tested in HEAD (6-current) it looks like, and they just merged it into the STABLE branch in March. Not being familiar with it, I don't see immediately what could have made ipnat not start on boot. http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/contrib/ipfilter/netinet/ Most changes to STABLE on Mar. 15. Or perhaps something in the rc, rcng, etc. could have done this. ipnat may have slipped through somehow and not gotten started. I just rebooted the machine that had the problem, and so far ipnat was automatically loaded and is running fine. Could this only be a problem on the first reboot or something? Or is it an intermittent problem? Since others have reported having the same problem, can anyone confirm what happens on the subsequent boots? I have ipv6 disabled on my system... Is that a prerequisite? I have had it disabled for a long time with no problems, and of course, ipnat runs fine. I know Darren made some changes to get ipv6 to run recently, but would that be it? Billy