Re: natd in a jail

2012-11-24 Thread Ian Smith
On Sat, 24 Nov 2012 17:44:30 +1100, Morgan Reed wrote: On Fri, Nov 23, 2012 at 5:16 PM, Morgan Reed morgan.s.r...@gmail.com wrote: So it turns out I'd not bought bpf into the jails, however even with that and raw_sockets enabled I'm still having no joy with natd. I've been looking at

Re: natd in a jail

2012-11-24 Thread Morgan Reed
On Sat, Nov 24, 2012 at 7:26 PM, Ian Smith smi...@nimnet.asn.au wrote: Unless you needed to include FIREWALL_FORWARD, you really didn't need to build ipfw into the kernel, it's all loadable by module. No harm, but. The ipfw_nat module was causing an instant panic at load and I was going to

Re: natd in a jail

2012-11-24 Thread Morgan Reed
On Sat, Nov 24, 2012 at 9:16 PM, Morgan Reed morgan.s.r...@gmail.com wrote: And with ipfw nat you won't be needing ipdivert. Again, no harm. Yeah, I didn't think it should be necessary but something was trying to load it from within the jails and throwing an error, probably the natd startup

Re: natd in a jail

2012-11-24 Thread Morgan Reed
On Sat, Nov 24, 2012 at 5:44 PM, Morgan Reed morgan.s.r...@gmail.com wrote: Works like a charm, just one last thing I'd like to get squared away here though, currently OpenVPN is using a dynamically created tun device, I'd like to have a static /dev/tun0 exist prior to the /etc/rc.d/natd start

Re: natd in a jail

2012-11-24 Thread Morgan Reed
SOLVED: Thanks all for your assistance. SUMMARY: - Kernel rebuilt with option IPFIREWALL and friends turned on (not necessary if your ipfw modules work you should just be able to load them, mine didn't for reasons I don't really have the time or inclination to track down) - OpenVPN

Re: natd in a jail

2012-11-23 Thread Andreas Nilsson
On Fri, Nov 23, 2012 at 7:22 AM, Morgan Reed morgan.s.r...@gmail.com wrote: On Fri, Nov 23, 2012 at 5:16 PM, Morgan Reed morgan.s.r...@gmail.com wrote: So it turns out I'd not bought bpf into the jails, however even with that and raw_sockets enabled I'm still having no joy with natd.

Re: natd in a jail

2012-11-23 Thread Morgan Reed
On Fri, Nov 23, 2012 at 7:48 PM, Andreas Nilsson andrn...@gmail.com wrote: Why not just load the module? Yeah, you got beaten to the punch on that one offlist, it's late in the day here ;)

Re: natd in a jail

2012-11-23 Thread Morgan Reed
On Fri, Nov 23, 2012 at 5:16 PM, Morgan Reed morgan.s.r...@gmail.com wrote: So it turns out I'd not bought bpf into the jails, however even with that and raw_sockets enabled I'm still having no joy with natd. I've been looking at ipfw a bit today but I've run into an issue, loading ipfw_nat

Re: natd in a jail

2012-11-22 Thread Simon Dick
On 22 November 2012 04:00, Morgan Reed morgan.s.r...@gmail.com wrote: Hi All, I've a bit of an odd query which I hope somebody may be able to assist with. I'm looking to set up several OpenVPN tunnels on a single machine (each residing in its own jail) and route data to different

Re: natd in a jail

2012-11-22 Thread nickolasbug
I've not used it myself, but this sounds like something VIMAGE may be good for, basically it's a virtual tcp stack per jail, there's some docs at http://wiki.freebsd.org/Image but I seem to remember a more up to date one elsewhere but can't find it at the moment! AFAIK, VIMAGE is still

Re: natd in a jail

2012-11-22 Thread Teske, Devin
On Nov 22, 2012, at 2:43 AM, nickolas...@gmail.com wrote: I've not used it myself, but this sounds like something VIMAGE may be good for, basically it's a virtual tcp stack per jail, there's some docs at http://wiki.freebsd.org/Image but I seem to remember a more up to date one elsewhere but

Re: natd in a jail

2012-11-22 Thread Morgan Reed
On Thu, Nov 22, 2012 at 9:38 PM, Simon Dick sim...@irrelevant.org wrote: I've not used it myself, but this sounds like something VIMAGE may be good for, basically it's a virtual tcp stack per jail, there's some docs at http://wiki.freebsd.org/Image but I seem to remember a more up to date one

Fwd: natd in a jail

2012-11-22 Thread Morgan Reed
Hmm, list was missing from reply-to on this one. -- Forwarded message -- From: Morgan Reed morgan.s.r...@gmail.com Date: Thu, Nov 22, 2012 at 10:36 PM Subject: Re: natd in a jail To: Dewayne Geraghty dewayne.gerag...@heuristicsystems.com.au On Thu, Nov 22, 2012 at 9:33 PM

Re: natd in a jail

2012-11-22 Thread Morgan Reed
On Thu, Nov 22, 2012 at 10:32 PM, Teske, Devin devin.te...@fisglobal.com wrote: I have created a boot script for managing vimages (downloadable as a FreeBSD package) and made a little write-up on how to use it... http://druidbsd.sf.net/vimage.shtml As noted elsewhere, these are VIMAGE jails,

Re: natd in a jail

2012-11-22 Thread Nikos Vassiliadis
On 11/22/2012 6:00 AM, Morgan Reed wrote: Hi All, Hi, [snipped content] Any suggestions here? A quick one. Could you make a try using ipfw nat instead of natd? I am not sure about divert socket and natd per jail, but NATing using ipfw and libalias (which natd uses as well) works. HTH, Nikos

Re: natd in a jail

2012-11-22 Thread Morgan Reed
On Thu, Nov 22, 2012 at 10:36 PM, Morgan Reed morgan.s.r...@gmail.com wrote: BPF is enabled for the jails, and the traffic is getting to where it needs to (but not via natd). I'll try enabling raw_sockets in the jails, it is entirely conceivable that natd requires that functionality. So it

Re: natd in a jail

2012-11-22 Thread Morgan Reed
On Fri, Nov 23, 2012 at 5:16 PM, Morgan Reed morgan.s.r...@gmail.com wrote: So it turns out I'd not bought bpf into the jails, however even with that and raw_sockets enabled I'm still having no joy with natd. I've been looking at ipfw a bit today but I've run into an issue, loading ipfw_nat

natd in a jail

2012-11-21 Thread Morgan Reed
Hi All, I've a bit of an odd query which I hope somebody may be able to assist with. I'm looking to set up several OpenVPN tunnels on a single machine (each residing in its own jail) and route data to different destinations over different tunnels by selectively routing the traffic via a