5-Stable (5.4) any ipnat changes?
smartweb at leadhill.net
Sun May 29 22:49:43 PDT 2005
Billy Newsom wrote:
> Okay, I'm going to dig up someone who might be responsible or might be
> able to fix it. Two strikes while doing the same upgrade... While I'm
> thinking about it, would you see if it happens on the next reboot? I
> haven't tried, because my system is a firewall that I need to keep up
> most of the time (I'm behind it right now), but I will definitely see if
> it happens again soon.
> I am going to check some cvs checkins in the last three months or so and
> see if I can track down a change.
> As for the custom kernel, I wonder if we both need to post the details
> of our custom kernel to this list for others to see? I wonder if the
> problem is only with certain kernel switches. I am attaching my kernel
> (with no comments) to this email. Let me know if it's easier to read
> with the comments in it, because a lot of the generic kernel fluff has
> been removed for sake of speed.
(Replying to self)
Well, I filed a PR for this at
So if anyone wants to follow it, watch that.
I looked at the changes to ipnat, (like ip_nat.c) and found that Darren
Reed and Robert Watson seem have put in some changes to the ipfilter
code to bring it up to the current release used in Solaris (4.1.8 from
3.4.35 I believe). They had it tested in HEAD (6-current) it looks
like, and they just merged it into the STABLE branch in March. Not
being familiar with it, I don't see immediately what could have made
ipnat not start on boot.
Most changes to STABLE on Mar. 15.
Or perhaps something in the rc, rcng, etc. could have done this. ipnat
may have slipped through somehow and not gotten started.
I just rebooted the machine that had the problem, and so far ipnat was
automatically loaded and is running fine. Could this only be a problem
on the first reboot or something? Or is it an intermittent problem?
Since others have reported having the same problem, can anyone confirm
what happens on the subsequent boots? I have ipv6 disabled on my
system... Is that a prerequisite? I have had it disabled for a long
time with no problems, and of course, ipnat runs fine. I know Darren
made some changes to get ipv6 to run recently, but would that be it?
More information about the freebsd-stable