ipfw + natd problem
Hi, there. I'm now faced with a problem concerning ipfw + natd on the very current world with /etc properly updated. The problem is described as this: Enabling options IPFIREWALL IPDIVERT plus running natd makes it freeze on shutdown with no messages, no response to my key input, no reply to a ping from another host. :( FYI, my configuration is shown as follows, which ipfw/natd part is entirely taken from my 3.4-STABLE machine that _is_ working amazingly fine for quite a long time. knu@archon[2]% uname -a FreeBSD archon.local.idaemons.org 4.0-CURRENT FreeBSD 4.0-CURRENT #25: Thu Feb 10 18:51:07 JST 2000 [EMAIL PROTECTED]:/usr/src/sys/compile/ARCHON i386 knu@archon[2]% cat /etc/rc.conf network_interfaces="fxp0 lo0" ifconfig_fxp0="inet 192.168.1.32 netmask 255.255.255.0" defaultrouter="192.168.1.1" hostname="archon.local.idaemons.org" moused_enable="YES" moused_port="/dev/cuaa0" moused_type="intellimouse" moused_flags="-w 2 -z 5 -m 7=2 -m 2=4 -m 4=5 -m 5=6 -m 6=7" allscreens_flags='-m on' firewall_enable="YES" firewall_type="open" firewall_quiet="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/natd.conf" amd_enable="YES" amd_flags="-F /etc/amd.conf" saver="logo" keyrate="fast" knu@archon[2]% perl -ne 's/ *#.*//; print if /\S/' /sys/i386/conf/ARCHON machine i386 cpu I686_CPU ident ARCHON maxusers32 options INET options FFS options FFS_ROOT options SOFTUPDATES options MFS options NFS options MSDOSFS options NTFS options EXT2FS options CD9660 options PROCFS options NULLFS options UNION options PORTAL options COMPAT_43 options SCSI_DELAY=5000 options UCONSOLE options USERCONFIG options VISUAL_USERCONFIG options KTRACE options SYSVSHM options SYSVMSG options SYSVSEM options P1003_1B options _KPOSIX_PRIORITY_SCHEDULING options _KPOSIX_VERSION=199309L options ICMP_BANDLIM options SMP options APIC_IO device isa device eisa device pci device fdc0at isa? port IO_FD1 irq 6 drq 2 device fd0 at fdc0 drive 0 device ata0at isa? port IO_WD1 irq 14 device ata device atadisk options ATA_STATIC_ID device ahc device scbus device da device sa device cd device pass device atkbdc0 at isa? port IO_KBD device atkbd0 at atkbdc? irq 1 device psm0at atkbdc? irq 12 device vga0at isa? pseudo-device splash device sc0 at isa? device npx0at nexus? port IO_NPX irq 13 device apm0at nexus? disable flags 0x20 device pcm0 device sio0at isa? port IO_COM1 flags 0x10 irq 4 device sio1at isa? port IO_COM2 irq 3 device ppc0at isa? irq 7 device ppbus device lpt device plip device ppi device fxp pseudo-device loop pseudo-device ether pseudo-device sl 1 pseudo-device ppp 1 pseudo-device tun pseudo-device pty 16 pseudo-device md pseudo-device vn pseudo-device bpf 4 options IPFIREWALL options IPDIVERT options SHMMAXPGS=2049 options COMPAT_LINUX knu@archon[2]% cat /etc/natd.conf log no deny_incoming yes use_sockets no same_ports yes unregistered_only yes dynamic yes knu@archon[2]% If I disable natd by setting natd_enable="NO", then shutdown goes just fine. Also I confirmed that neither falling onto single user mode, unloading every kernel module nor killing natd causes freezing. Any suggestions? -- / /__ __ / ) ) ) ) / Akinori -Aki- MUSHA aka / (_ / ( (__( [EMAIL PROTECTED] "If you choose not to decide you still have made a choice." To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ipfw + natd problem
On Thu, Feb 10, 2000 at 08:46:11PM +0900, Akinori -Aki- MUSHA wrote: Hi, there. I'm now faced with a problem concerning ipfw + natd on the very current world with /etc properly updated. The problem is described as this: Enabling options IPFIREWALL IPDIVERT plus running natd makes it freeze on shutdown with no messages, no response to my key input, no reply to a ping from another host. :( FYI, my configuration is shown as follows, which ipfw/natd part is entirely taken from my 3.4-STABLE machine that _is_ working amazingly fine for quite a long time. knu@archon[2]% uname -a FreeBSD archon.local.idaemons.org 4.0-CURRENT FreeBSD 4.0-CURRENT #25: Thu Feb 10 18:51:07 JST 2000 [EMAIL PROTECTED]:/usr/src/sys/compile/ARCHON i386 knu@archon[2]% cat /etc/rc.conf network_interfaces="fxp0 lo0" ifconfig_fxp0="inet 192.168.1.32 netmask 255.255.255.0" defaultrouter="192.168.1.1" hostname="archon.local.idaemons.org" moused_enable="YES" moused_port="/dev/cuaa0" moused_type="intellimouse" moused_flags="-w 2 -z 5 -m 7=2 -m 2=4 -m 4=5 -m 5=6 -m 6=7" allscreens_flags='-m on' firewall_enable="YES" firewall_type="open" firewall_quiet="YES" natd_enable="YES" natd_interface="fxp0" natd_flags="-f /etc/natd.conf" amd_enable="YES" amd_flags="-F /etc/amd.conf" saver="logo" keyrate="fast" knu@archon[2]% perl -ne 's/ *#.*//; print if /\S/' /sys/i386/conf/ARCHON machine i386 cpu I686_CPU ident ARCHON maxusers 32 options INET options FFS options FFS_ROOT options SOFTUPDATES options MFS options NFS options MSDOSFS options NTFS options EXT2FS options CD9660 options PROCFS options NULLFS options UNION options PORTAL options COMPAT_43 options SCSI_DELAY=5000 options UCONSOLE options USERCONFIG options VISUAL_USERCONFIG options KTRACE options SYSVSHM options SYSVMSG options SYSVSEM options P1003_1B options _KPOSIX_PRIORITY_SCHEDULING options _KPOSIX_VERSION=199309L options ICMP_BANDLIM options SMP options APIC_IO deviceisa deviceeisa devicepci devicefdc0at isa? port IO_FD1 irq 6 drq 2 devicefd0 at fdc0 drive 0 deviceata0at isa? port IO_WD1 irq 14 deviceata deviceatadisk options ATA_STATIC_ID deviceahc devicescbus deviceda devicesa devicecd devicepass deviceatkbdc0 at isa? port IO_KBD deviceatkbd0 at atkbdc? irq 1 devicepsm0at atkbdc? irq 12 devicevga0at isa? pseudo-device splash devicesc0 at isa? devicenpx0at nexus? port IO_NPX irq 13 deviceapm0at nexus? disable flags 0x20 devicepcm0 devicesio0at isa? port IO_COM1 flags 0x10 irq 4 devicesio1at isa? port IO_COM2 irq 3 deviceppc0at isa? irq 7 deviceppbus devicelpt deviceplip deviceppi devicefxp pseudo-device loop pseudo-device ether pseudo-device sl 1 pseudo-device ppp 1 pseudo-device tun pseudo-device pty 16 pseudo-device md pseudo-device vn pseudo-device bpf 4 options IPFIREWALL options IPDIVERT options SHMMAXPGS=2049 options COMPAT_LINUX knu@archon[2]% cat /etc/natd.conf log no deny_incoming yes use_sockets no same_portsyes unregistered_only yes dynamic yes knu@archon[2]% If I disable natd by setting natd_enable="NO", then shutdown goes just fine. Also I confirmed that neither falling onto single user mode, unloading every kernel module nor killing natd causes freezing. Any suggestions? Compile your kernel with DDB, and see where it stuck from there... -- Ruslan Ermilov Sysadmin and DBA of the
