Date: Sat, 16 Apr 2011 18:01:35 +0000 (UTC)
From: rondzierwa@comcast.net
To: freebsd-net@freebsd.org
Subject: natd starting after firewall rules are loaded
Message-ID: <349334508.1236453.1302976895873.JavaMail.root@sz0128a.westchester.pa.mail.comcast.net>
In-Reply-To: <20110416120032.CD03910656B3@hub.freebsd.org>

I am upgrading my firewall/router/web server machine from 4.9 to 8.2 release and am having problems with ipfw/natd. I made basically the same defs in rc.conf to enable the firewall and natd, but I get an error during rc.firewall on the divert command saying something about an error on the divert socket. The natd socket number is being translated properly (8668) because I can see the command echoed on the console.

After the firewall rules are loaded, the rc script then loads natd. Once the system is up, I can ipfw list and the divert command is, in fact, not there, but by this time natd is running. If I run the rc.firewall script interactively, it completes successfully and the divert rule is in the list, and everyone is happy again.

In 4.9 there used to be an rc.network script that started natd before it loaded the firewall rules. I do not see it in 8.2 anymore; instead it looks like rc simply runs the scripts in rc.d alphabetically, so natd comes after ipfw.

I can't believe I'm the only one using ipfw and natd with 8.2, so it seems to me that I just don't know the secret handshake that will make it work. Does anybody have any suggestions?

thanks,
ron.