[6.x patchset] Ipfw nat and libalias modules

Wed, 05 Sep 2007 20:10:42 -0700
I was recently testing the in kernel nat patch, which is an absolutely wonderful addition in my opinion. I have however run into one issue, when for example I do the following : 

ipfw nat 10 config ip 2.2.2.2


The command is accepted, and anything I sent to nat process 10 via ipfw 
works as expected.  When I try to add a second NAT instance though, I 
run into a problem, for example :


ipfw nat 20 config ip 3.3.3.3


My goal is to of course have more than one nat process running, but 
adding anything after that initial first NAT causes a "hang", when I say 
hang I mean I enter the command, hit enter, and am never returned to a 
prompt, if I break with CTRL-C,  then I can get back to the prompt most 
of the time, other times I cannot break out via CTRL-C and just have to 
close that particular shell session.  To note, when I run into this 
hang, the command I ran shows up as a process, ie like this :


3839    p3   R+               0:02.67 ipfw nat 30 config ip 4.4.4.4


At this point, if I can't break out via CTRL-C , in another shell on the 
same machine I tried to kill the process, then kill -9, neither works, 
the process stays until I reboot the machine. 

Finally, just to note, even if the command doesn't return me to a shell 
prompt, or even if it hangs, the nat processes themselves to work, if I 
do a   "ipfw nat show config" , all is well, and I've tested to be sure, 
the nat processes are definitely active and working as they should.



To reproduce the problem Im seeing, simply try :

ipfw nat 10 config ip 1.1.1.1  <== Works Fine
ipfw nat 20 config ip 2.2.2.2  <== Won't return you back to a shell Prompt


I've tried this on x86 as well as AMD64, both having the same exact 
problem.  Both machines are running 6.1-RELEASE-p19



Please let me know if I can help with additional information, and by the 
way, aside from this small issue, in kernel nat is absoulutely awesome, 
thanks for all the hard work! 


Chris Bowman


_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






















					Reply via email to