Date: Sat, 1 Sep 2001 08:07:09 -0700 (PDT) From: Flemming Jacobsen <fj@batmule.dk> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/30255: [PATCH] Packets reinjected by natd but denied by ipfw generates annoying errors Message-ID: <200109011507.f81F79S35239@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 30255 >Category: misc >Synopsis: [PATCH] Packets reinjected by natd but denied by ipfw generates annoying errors >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Sep 01 08:10:02 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Flemming Jacobsen >Release: 4-stable >Organization: >Environment: N/A >Description: When natd tries to reinject a packet which is denied by a (later) ipfw rule annoying logmessages of the form: natd[pid]: failed to write packet back (Permission denied) are generated. This patch adds an option to suppress these messages. >How-To-Repeat: Install FreeBSD on system with two network cards. Setup nat'ing. Add an ipfw after the divert rule denying traffic. Watch the logmessages. >Fix: Apply patch from: http://www.batmule.dk/FreeBSD/natd.EACCES.udiff Add "-nolog_ipfw_denied" to natd commandline Messages suppressed. The patch has been tested on 3 moderatly used firewalls for nearly 5+ months without any noticeable ill effects. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109011507.f81F79S35239>