natd in a jail

Morgan Reed morgan.s.reed at
Fri Nov 23 06:17:01 UTC 2012

On Thu, Nov 22, 2012 at 10:36 PM, Morgan Reed <morgan.s.reed at> wrote:
> BPF is enabled for the jails, and the traffic is getting to where it
> needs to (but not via natd). I'll try enabling raw_sockets in the
> jails, it is entirely conceivable that natd requires that
> functionality.

So it turns out I'd not bought bpf into the jails, however even with
that and raw_sockets enabled I'm still having no joy with natd.

I've been looking at ipfw a bit today but I've run into an issue,
loading ipfw_nat causes my kernel to instantly panic, I need to
recompile with KDB and DDB turned on so I can actually catch the trace
though... Might look at netgraph before going too far down that path.

More information about the freebsd-stable mailing list