Bug 148137 - [ipfw] call order of natd and ipfw startup scripts
Summary: [ipfw] call order of natd and ipfw startup scripts
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: conf (show other bugs)
Version: 8.1-PRERELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-06-25 11:30 UTC by Vitezslav Novy
Modified: 2018-01-03 05:16 UTC (History)
0 users

See Also:


Attachments
148137.diff (782 bytes, patch)
2010-12-22 22:48 UTC, Ceri Davies
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Vitezslav Novy 2010-06-25 11:30:01 UTC
From 8.0-RELEASE ipfw startup script doesn't call natd startup script.
Also there is no information about call order of ipfw a natd startup
script. On my system ipfw is called before natd. If ipdivert module is
not loaded using loader.conf, natd loads it, but ipfw running before fail
to install divert rules.

Fix: 

Define right order (natd, ipfw) of startup scripts
or
load ipdivert module in ipfw startup script if natd_enable="YES"
How-To-Repeat: Configure "open" type ipfw with userland natd and do not configure loading
of ipdivert in loader.conf. Use GENERIC kernel (without ipfw compiled in).
After reboot divert rules are not installed.
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2010-06-27 05:16:16 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-rc

I don't know if this is an issue more for the rc folks or for the ipfw folks.
Comment 2 Doug Barton freebsd_committer 2010-06-27 05:43:52 UTC
Responsible Changed
From-To: freebsd-rc->freebsd-ipfw


I vote the latter. :)
Comment 3 candy-sendpr 2010-07-14 02:41:57 UTC
Fix:
Just copy 8.0-RELEASE version /etc/rc.d/ipfw script to your 8.1 box :-)


It seems /etc/rc.d/ipfw 1.21.2.2's bug.

<URL:http://www.jp.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/ipfw.diff?r1=text&tr1=1.21&r2=text&tr2=1.21.2.2>

It moved `/etc/rc.d/natd quietstart' sequence
from ipfw_start() to ipfw_poststart().

Natd(8) must be started before ipfw(8) rules are proceeded.
Should be in ipfw_prestart() or ipfw_start().


> From 8.0-RELEASE ipfw startup script doesn't call natd startup script.
> Also there is no information about call order of ipfw a natd startup
> script. On my system ipfw is called before natd. If ipdivert module is
> not loaded using loader.conf, natd loads it, but ipfw running before fail
> to install divert rules.

KANDA Toshihiro <candy-sendpr@kgc.co.jp>
Comment 4 Ceri Davies 2010-12-22 22:48:39 UTC
This still seems to be a problem in 7.4-PRERELEASE too; the attached
patch seems to fix it here.

Ceri
Comment 5 Hiroki Sato freebsd_committer 2011-01-15 16:15:20 UTC
Responsible Changed
From-To: freebsd-ipfw->hrs

I'll take this.
Comment 6 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:00:26 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped