Date: Sat, 18 Jun 2005 11:51:47 +0100 From: Alex Zbyslaw <xfb52@dial.pipex.com> To: Joe <josepha48@yahoo.com> Cc: freebsd-questions@freebsd.org Subject: Re: SMP and networking under FreeBSD 5.3 Message-ID: <42B3FCC3.6030202@dial.pipex.com> In-Reply-To: <20050618023137.10742.qmail@web41014.mail.yahoo.com> References: <20050618023137.10742.qmail@web41014.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Joe wrote:
>Okay, back on topic.
>
>I've changed my rules in ipfw, and no longer get the hostname ..
>messages.
>
>Now natd does not start and it complains 'unable to bind divert
>socket, and then cant assign requested address'. I'm using:
>
>natd_enable="YES"
>natd_interface="dc0"
>natd_flags="-dynamic -d -log_ipfw_denied -log_denied"
>
>
These are my parameters below which definitely work -- or you wouldn't
be seeing this email :) I can't see anything obviously wrong with
yours; what I would suggest is to start with just "-dynamic" since
that's the only one that's *required* for this setup to work and see how
that does. I can't find your original rules: I assume that a) dc0 *is*
your external interface (typos are a common source of errors, though I
don't think that's the case here) b) you have an ifconfig_dc0="DHCP"
line in /etc/rc.conf.
natd_enable="YES" # Natd packet translation
natd_flags="-log -log_denied -dynamic"
natd_interface="sis0"
ifconfig_sis0="DHCP" # External network
At startup I get a message like:
Jun 18 10:38:58 natd[701]: Aliasing to 0.0.0.0, mtu 1500 bytes
just after the firewall rules start up.
The divert rule in my firewall says:
ipfw add divert natd all from any to any via ${natd_interface}
If you have static rules rather than a script then you need
${natd_interface} to be replaced directly with dc0.
The other things to check, I guess, are that those are the *only* natd
lines you have:
egrep natd /etc/rc.conf /etc.rc.conf.local
--Alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42B3FCC3.6030202>