Date: Mon, 26 Jan 2015 21:34:39 +0100 From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= <olivier@cochard.me> To: John Baldwin <jhb@freebsd.org> Cc: svn-src-head <svn-src-head@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>, src-committers <src-committers@freebsd.org> Subject: Re: svn commit: r277714 - head/sbin/ipfw Message-ID: <CA%2Bq%2BTcr1fNz70Y6%2B0NeWDLx2Bszk1B0M%2B4_Cv2uMayBsNc6pRQ@mail.gmail.com> In-Reply-To: <201501252037.t0PKbXNW070662@svn.freebsd.org> References: <201501252037.t0PKbXNW070662@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jan 25, 2015 at 9:37 PM, John Baldwin <jhb@freebsd.org> wrote: > Author: jhb > Date: Sun Jan 25 20:37:32 2015 > New Revision: 277714 > URL: https://svnweb.freebsd.org/changeset/base/277714 > > Log: > natd(8) will work with an unconfigured interface and effectively not do > anything until the interface is assigned an address. This fixes > ipfw_nat to do the same by using an IP of INADDR_ANY instead of > aborting the nat setup if the requested interface is not yet configured. > > Hi, I've still a problem with ipfw_nat and unconfigured interface: On my setup I'm using ipfw with NAT rules using an OpenVPN tunnel interface as source address for NATting. During the machine startup, ipfw is started before openvpn (hopefully) and its configuration mention do to NAT using tun0 IP address. Then OpenVPN start and create a tun0 and set an IP address on it. => But no unicast traffic is allowed on this tun0 interface until I restart ipfw. If I correctly understand the log of this commit: This behavior should be fixed by this commit, right ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2Bq%2BTcr1fNz70Y6%2B0NeWDLx2Bszk1B0M%2B4_Cv2uMayBsNc6pRQ>