Bug 25223
| Summary: | PATCH for rc.network to enable ipnat seperately from ipfilter | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Base System | Reporter: | Andre Albsmeier <Andre.Albsmeier> | ||||
| Component: | conf | Assignee: | Darern Reed <darrenr> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | ||||||
| Priority: | Normal | ||||||
| Version: | 4.2-STABLE | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Responsible Changed From-To: freebsd-bugs->darrenr darrenr is responsible for ipnat See also bin/27016.
--
Thomas.Quinot@Cuivre.FR.EU.ORG
State Changed From-To: open->feedback Arjan de Vet and Doug Barton have made patches to the FreeBSD rc system that should solve all of the known problems with IPFilter. Current and stable patches are available at the URL underneath. Please be so kind to: 1) Test the patches if they do work for you 2) mail your feedback to Arjan de Vet (devet@devet.org) 3) If al is worked out and Arjan has the patches committed, please update the PR. Url: http://home.iae.nl/users/devet/freebsd/ This was fixed by recent commit to rc.network, thanks! -Andre State Changed From-To: feedback->closed Submitter says the latest ipfilter changes that were made to rc.network fixed the problem. |
The current way of initialasing ipfilter during system boot makes it very hard to use ipnat without ipfilter since ${ipfilter_enable} must be "yes" in order to get ${ipnat_enable} evaluated at all. Fix: Move ${ipnat_enable} stuff out of the ${ipfilter_enable} conditional. Don't know if the ipmon stuff should be seperate as well... How-To-Repeat: Try a config in rc.network where ipnat rules are loaded and ipfilter stuff is left alone.