Date: Fri, 23 Nov 2012 17:16:40 +1100 From: Morgan Reed <morgan.s.reed@gmail.com> To: Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au>, freebsd-stable@freebsd.org Subject: Re: natd in a jail Message-ID: <CAKnh_YteQ8YO5HFWGeFNgZqBx6-EK0BX7uujnAoqLi-JJ-yk_g@mail.gmail.com> In-Reply-To: <CAKnh_YtaY8uMo0W=LQ8L=Ntz6j9bVv8bOkQ_xFoAtz86qLZKDA@mail.gmail.com> References: <CAKnh_YtF5f_0-vuGO0ov%2BJDKa_gxF%2Bf80-DCcfxPYyew0_ZG7Q@mail.gmail.com> <D0670FDB8ED04E92BD4A44BB347E786F@white> <CAKnh_YtaY8uMo0W=LQ8L=Ntz6j9bVv8bOkQ_xFoAtz86qLZKDA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Nov 22, 2012 at 10:36 PM, Morgan Reed <morgan.s.reed@gmail.com> wrote: > BPF is enabled for the jails, and the traffic is getting to where it > needs to (but not via natd). I'll try enabling raw_sockets in the > jails, it is entirely conceivable that natd requires that > functionality. So it turns out I'd not bought bpf into the jails, however even with that and raw_sockets enabled I'm still having no joy with natd. I've been looking at ipfw a bit today but I've run into an issue, loading ipfw_nat causes my kernel to instantly panic, I need to recompile with KDB and DDB turned on so I can actually catch the trace though... Might look at netgraph before going too far down that path.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKnh_YteQ8YO5HFWGeFNgZqBx6-EK0BX7uujnAoqLi-JJ-yk_g>