misc/57748: [patch] rc.network doesn't allow for -a in natd_flags if interface specified

Ian Service iservice at tsnetworks.ca
Wed Oct 8 08:30:17 PDT 2003 

>Number:         57748
>Category:       misc
>Synopsis:       [patch] rc.network doesn't allow for -a in natd_flags if interface specified
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 08 08:30:13 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Ian Service
>Release:        FreeBSD 4.8-STABLE i386
>Organization:
Tweaked Solutions Inc.
>Environment:
System: FreeBSD jolt.landscapeontario.com 4.8-STABLE FreeBSD 4.8-STABLE #0: Wed May 21 21:06:47 EDT 2003 iservice at newjolt.landscapeontario.com:/usr/obj/usr/src/sys/NEWJOLTKERNEL i386



>Description:
        By default if you natd_interface="out0" into your rc.conf it makes the
ipfw rule if natd_enable="YES" and then it makes the natd flag -n out0
this is good but if you want to make another IP the nat IP, you have to
make natd_interface="192.168.0.1" or whatever, but if that's not your
external interface, the ipfw rule is wrong and doesn't work.  I have an
aliased IP that I want my nat traffic to leave as so, I set the
natd_flags="-a 192.168.0.2" and my natd_interface="out0" and then I needed
to edit /etc/rc.network, to look for that and not reduntantly
set -n to out0 as well as -a to 192.168.0.2

>How-To-Repeat:
>Fix:
See Patch

--- rc.network.2003100800.patch begins here ---
--- /root/rc.network	Thu Apr  3 03:55:40 2003
+++ /etc/rc.network	Wed Oct  8 09:09:20 2003
@@ -338,7 +338,10 @@
 				case ${natd_enable} in
 				[Yy][Ee][Ss])
 					if [ -n "${natd_interface}" ]; then
-						if echo ${natd_interface} | \
+						if echo ${natd_flags} | \
+							grep -q -E '^\-a\ [0-9]+(\.[0-9]+){0,3}'; then
+							# there's already a -a flag in natd_flags
+						elif echo ${natd_interface} | \
 							grep -q -E '^[0-9]+(\.[0-9]+){0,3}$'; then
 							natd_flags="$natd_flags -a ${natd_interface}"
 						else
--- rc.network.2003100800.patch ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list