Re: Dead natd -> dead system
# [EMAIL PROTECTED] / 2003-07-10 13:57:33 -0600: > While working with a FreeBSD system this afternoon, I did something which killed > natd (the NAT daemon), which was processing packets in the usual way via ipfw > and a divert socket. > > The result? Network communications on the system simply went dead. > > It seems to me that ipfw should be able to "self-heal" (that is, bypass the > rule) or reinvoke a daemon that's attached to a divert socket. Otherwise, > the process that's attached to the socket becomes an Achilles' heel for > the whole system. Crash it for any reason, and the system's offline. > > Ideas? sysutils/daemontools ? -- If you cc me or remove the list(s) completely I'll most likely ignore your message.see http://www.eyrie.org./~eagle/faqs/questions.html ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Dead natd -> dead system
On Fri, 11 Jul 2003, Vulpes Velox wrote: > On Thu, 10 Jul 2003 16:56:12 -0400 (EDT) > Matthew Emmerton <[EMAIL PROTECTED]> wrote: > > > On Thu, 10 Jul 2003, Brett Glass wrote: > > > > > While working with a FreeBSD system this afternoon, I did something which killed > > > natd (the NAT daemon), which was processing packets in the usual way via ipfw > > > and a divert socket. > > > > > > The result? Network communications on the system simply went dead. > > > > > > It seems to me that ipfw should be able to "self-heal" (that is, bypass the > > > rule) or reinvoke a daemon that's attached to a divert socket. Otherwise, > > > the process that's attached to the socket becomes an Achilles' heel for > > > the whole system. Crash it for any reason, and the system's offline. > > > > > > Ideas? > > > > Use kernel-mode IPNAT instead of user-mode natd? > > What is kernel-mode IPNAT? If you are using ppp to dial in, use the options -nat and -ddial That will keep your connection up 24h/day . Regards, Uli. > > ___ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > +---+ |Peter Ulrich Kruppa| | - Wuppertal - | | Germany | +---+ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Dead natd -> dead system
On Thu, 10 Jul 2003 16:56:12 -0400 (EDT) Matthew Emmerton <[EMAIL PROTECTED]> wrote: > On Thu, 10 Jul 2003, Brett Glass wrote: > > > While working with a FreeBSD system this afternoon, I did something which killed > > natd (the NAT daemon), which was processing packets in the usual way via ipfw > > and a divert socket. > > > > The result? Network communications on the system simply went dead. > > > > It seems to me that ipfw should be able to "self-heal" (that is, bypass the > > rule) or reinvoke a daemon that's attached to a divert socket. Otherwise, > > the process that's attached to the socket becomes an Achilles' heel for > > the whole system. Crash it for any reason, and the system's offline. > > > > Ideas? > > Use kernel-mode IPNAT instead of user-mode natd? What is kernel-mode IPNAT? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Dead natd -> dead system
On Thu, 10 Jul 2003, Brett Glass wrote: > While working with a FreeBSD system this afternoon, I did something which killed > natd (the NAT daemon), which was processing packets in the usual way via ipfw > and a divert socket. > > The result? Network communications on the system simply went dead. > > It seems to me that ipfw should be able to "self-heal" (that is, bypass the > rule) or reinvoke a daemon that's attached to a divert socket. Otherwise, > the process that's attached to the socket becomes an Achilles' heel for > the whole system. Crash it for any reason, and the system's offline. > > Ideas? Use kernel-mode IPNAT instead of user-mode natd? -- Matthew Emmerton Computer Partners IT Specialist ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"