Date: Sat, 28 Feb 2004 14:45:39 -1000 (HST) From: Vincent Poy <vince@oahu.WURLDLINK.NET> To: Craig Rodrigues <rodrigc@crodrigues.org> Cc: Kris Kennaway <kris@obsecurity.org> Subject: Re: HEADSUP: Sleep queues added to kernel, so be careful. Message-ID: <20040228144145.Q8264-100000@oahu.WURLDLINK.NET> In-Reply-To: <20040229002147.GA1351@crodrigues.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 28 Feb 2004, Craig Rodrigues wrote: > Hi, > > I just cvsup'd my box, and am having the same problem > as Vincent. > > I have these lines in my /etc/rc.conf: > > firewall_type="open" > natd_enable="YES" > natd_interface="xl0" > natd_flags="-redirect_port tcp 192.168.0.2:80-9000 80-9000 -redirect_port tcp 19 > 2.168.0.3:80-9000 80-9000" > > > If I capture the boot output with: > vidcontrol -H -P > bootup.txt > > I see these lines: > > Flushed all rules. > 00050 divert 8668 ip from any to any via xl0 > 00100 allow ip from any to any via lo0 > 00200 deny ip from any to 127.0.0.0/8 > 00300 deny ip from 127.0.0.0/8 to any > 65000 allow ip from any to any > Firewall rules loaded, starting divert daemons: natd: Unable to bind divert socket.: Can't assign requested address > . > net.inet.ip.fw.enable: 1 -> 1 > > > > I added some additional statements to /etc/rc.d/ipfw so > that it prints out the natd command: > > Firewall rules loaded, starting divert daemons: natd: /sbin/natd -redirect_port tcp 192.168.0.2:80-9000 80-9000 -redirect_port tcp 192.168.0.3:80-9000 80-9000 -dynamic -n xl0 > natd: Unable to bind divert socket.: Can't assign requested address > . > net.inet.ip.fw.enable: 1 -> 1 > > > > After bootup, if I execute /sbin/natd from the command-line, > I do not get this error message. Thanks Craig, I just looked on the console and captured the output: Flushed all rules. 00050 divert 8668 ip from any to any via xl0 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 65000 allow ip from any to any Firewall rules loaded, starting divert daemons: natd natd: Unable to bind divert socket.: Can't assign requested address. Firewall logging enabled net.inet.ip.fw.enable: 1 -> 1 I can't tell when this broke as I mentioned, the last -CURRENT buildworld I was running on was September 23, 2003 before going with this one at 4AM -800. Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040228144145.Q8264-100000>