Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 05 Sep 2007 21:41:50 -0500
From:      "Chris Bowman (Home)" <chrishome@austin.rr.com>
To:        freebsd-ipfw@freebsd.org, Chris Bowman <chris@korcett.com>
Subject:   [6.x patchset] Ipfw nat and libalias modules
Message-ID:  <46DF68EE.1010905@austin.rr.com>
index | next in thread | raw e-mail 


    I was recently testing the in kernel nat patch, which is an 
absolutely  wonderful addition in my opinion.  I have however run into 
one issue, when for example I do the following :

ipfw nat 10 config ip 2.2.2.2

The command is accepted, and anything I sent to nat process 10 via ipfw 
works as expected.  When I try to add a second NAT instance though, I 
run into a problem, for example :

ipfw nat 20 config ip 3.3.3.3

My goal is to of course have more than one nat process running, but 
adding anything after that initial first NAT causes a "hang", when I say 
hang I mean I enter the command, hit enter, and am never returned to a 
prompt, if I break with CTRL-C,  then I can get back to the prompt most 
of the time, other times I cannot break out via CTRL-C and just have to 
close that particular shell session.  To note, when I run into this 
hang, the command I ran shows up as a process, ie like this :

3839    p3   R+               0:02.67 ipfw nat 30 config ip 4.4.4.4

At this point, if I can't break out via CTRL-C , in another shell on the 
same machine I tried to kill the process, then kill -9, neither works, 
the process stays until I reboot the machine. 

Finally, just to note, even if the command doesn't return me to a shell 
prompt, or even if it hangs, the nat processes themselves to work, if I 
do a   "ipfw nat show config" , all is well, and I've tested to be sure, 
the nat processes are definitely active and working as they should.


To reproduce the problem Im seeing, simply try :

ipfw nat 10 config ip 1.1.1.1  <== Works Fine
ipfw nat 20 config ip 2.2.2.2  <== Won't return you back to a shell Prompt

I've tried this on x86 as well as AMD64, both having the same exact 
problem.  Both machines are running 6.1-RELEASE-p19

Please let me know if I can help with additional information, and by the 
way, aside from this small issue, in kernel nat is absoulutely awesome, 
thanks for all the hard work! 

Chris Bowman
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46DF68EE.1010905>