ipfw+natd startup order fixing

umage theultramage at gmail.com
Thu Jul 29 15:22:33 UTC 2010


Hi there, a few months ago I inquired about an issue where using
ipfw+natd worked on 8.0 but produced errors in 8.1. After searching the
bugs database, I found multiple reports about it -
http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/148137 and
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/148928. Both suggest
manually loading ipdivert as a workaround, and fixing the rc scripts as
the solution.

The offending changeset is
http://svn.freebsd.org/viewvc/base/stable/8/etc/rc.d/ipfw?r1=196045&r2=203962,
where natd was changed to be run as a post-cmd instead of a pre-cmd.
According to svn, this defect has not been addressed in HEAD yet.

I've tried modifying the rc scripts, so that natd becomes a dependency
of ipfw - which ought to make it start. However, the rc script is marked
as KEYWORD: nostart, which excludes it from the normal startup process
and from the listing of 'services -r' (finally noticed this). So an
alternative way to fix this would be to make natd a standalone script, add
an rc dependency, and remove the 'firewall_coscript' juggling in ipfw's
rc script.

What's the best way to get this problem fixed in svn?

