conf/167566
Chris Rees
utisoft at gmail.com
Sat Oct 27 18:10:01 UTC 2012
The following reply was made to PR conf/167566; it has been noted by GNATS.
From: Chris Rees <utisoft at gmail.com>
To: bug-followup at freebsd.org
Cc:
Subject: Re: conf/167566
Date: Sat, 27 Oct 2012 19:05:23 +0100
On 27 October 2012 18:36, Hiroki Sato <hrs at freebsd.org> wrote:
> Chris Rees <utisoft at gmail.com> wrote
> in <201210252030.q9PKU1sK001139 at freefall.freebsd.org>:
>
> ut> The following reply was made to PR conf/167566; it has been noted by GNATS.
> ut>
> ut> From: Chris Rees <utisoft at gmail.com>
> ut> To: bug-followup at freebsd.org
> ut> Cc:
> ut> Subject: Re: conf/167566
> ut> Date: Thu, 25 Oct 2012 21:24:51 +0100
> ut>
> ut> The correct fix would be to add REQUIRE: natd to ipfw.
> ut>
> ut> http://www.bayofrum.net/~crees/patches/167566.diff
> ut>
> ut> Please would someone take a look?
>
> I think ipdivert module should be loaded in the ipfw script when
> natd_enable=YES because ipfw_nat is loaded in that way. Can you (or
> anyone) test the patch at
> http://people.allbsd.org/~hrs/FreeBSD/ipfw.20121027-1.diff ?
Looking at the situation more closely with your hint, how about making
the required_modules only conditional on firewall_nat_enable? If ipfw
continues to run before nat then the checkyesno natd_enable is
actually harmful because it makes us assume that the module is loaded,
when it actually isn't yet.
Chris
http://www.bayofrum.net/~crees/patches/167566-1.diff
More information about the freebsd-rc
mailing list