Re: ipfw nat problem

Reply: Wojciech Puchar : "Re: ipfw nat problem"
In reply to: Wojciech Puchar : "Re: ipfw nat problem"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Eugene Grosbein <eugen_at_grosbein.net>
Date: Fri, 26 Aug 2022 09:26:26 UTC

26.08.2022 15:04, Wojciech Puchar wrote:

>>> found a reason. forwarding was set to 0 in sysctl
>>
>> Never set net.inet.ip.forwarding=1 manually or via /etc/sysctl.conf.
>>
>> Always use gateway_enable="YES" in /etc/rc.conf, or else system scripts started with devd
> 
> I don't use devd on servers.
> 
>> on any interface creation (tunX, ngX, etc.) will switch forwarding to 0 again.
> 
> Well - i do create tun or other interfaces without problems. Can you point an example of this?

Some scripts (f.e. from /etc/devd.conf) invoke /etc/pccard_ether $subsystem start
(the name "pccard_ether" is just historic, it serves any cloned network interface).

It runs "/etc/rc.d/netif quietstart" $ifn that runs "/etc/rc.d/routing static any $_if"
that may reset net.inet.ip.forwarding=0 unless you have gateway_enable="YES" in /etc/rc.conf
despite you could have set net.inet.ip.forwarding=1 via sysctl.conf.