On Fri, 4 May 2001, Ruslan Ermilov wrote:
> On Thu, May 03, 2001 at 05:17:17PM -0500, Nick Rogness wrote:
> > In 4.2-STABLE, /etc/rc.network has entries to turn on natd. However,
> > natd does not get enabled if you don't specify natd_interface.
> > What if you have setup stored in a configuration file and do not
> > wish to supply an interface flag in /etc/rc.conf? Well, natd does
> > not turn on!
> >
> > Would it make more sense to do something like (pseudo-ish code):
> >
> > if (natd_enable = YES)
> >
> >     if (natd_interface defined)
> >         natd -n $natd_interface $natd_flags
> >     elif (natd_flags defined)
> >         natd $natd_flags
> >     fi
> > fi
> >
> > It would allow for people to not specify a natd_interface but still
> > be able to run natd out of rc.conf. What does everyone think of
> > this?
> >
> > I guess you pay the penalty if someone doesn't set up the flags
> > properly but I guess you could write that off as a config error
> > anyways.
> >
> ${natd_interface} is required to set up the ``divert natd'' rule
> from /etc/rc.firewall.
>
Damn! And if someone enters an IP as natd_interface...do the
firewall rules error out? (haven't tried it but looks as if it
would)

I would suspect that if the user doesn't specify natd_interface in
rc.conf that he would have to be aware that the firewall rule for
nat did not get added. I don't necessarily think that's a bad
thing...but maybe it is.
Nick Rogness <[EMAIL PROTECTED]>
- Keep on Routing in a Free World...
"FreeBSD: The Power to Serve!"
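
The startup logic proposed in the thread, combined with the divert-rule dependency raised in the reply, as an added dry-run sketch in sh (not code from the thread or from FreeBSD's rc scripts). The function name `plan_natd`, its exit codes, and the sample values `fxp0` and `/etc/natd.conf` are assumptions made for the example; it only prints what would happen and never runs natd or ipfw.

```shell
#!/bin/sh
# Dry-run planner for the proposal in this thread (added example).
# Usage: plan_natd NATD_ENABLE NATD_INTERFACE NATD_FLAGS
# Prints two lines: the natd command that would be started, and whether
# the "divert natd" firewall rule can be set up.
# Exit codes (assumed for this example):
#   0 = consistent, 1 = natd not started, 2 = natd started without divert rule
plan_natd() {
    enable=$1
    iface=$2
    flags=$3

    case "$enable" in
    [Yy][Ee][Ss]) ;;
    *)
        echo "natd: not started (natd_enable is not YES)"
        echo "divert: no rule"
        return 0
        ;;
    esac

    if [ -n "$iface" ]; then
        # Interface given: natd and the divert rule agree on it.
        echo "natd: natd -n $iface${flags:+ $flags}"
        echo "divert: rule can be set up for $iface"
    elif [ -n "$flags" ]; then
        # Proposed new branch: natd is configured through its flags only.
        # The divert rule needs natd_interface, so it is not added here.
        echo "natd: natd $flags"
        echo "divert: WARNING natd_interface unset, divert rule not added"
        return 2
    else
        echo "natd: not started (no natd_interface and no natd_flags)"
        echo "divert: no rule"
        return 1
    fi
}

# Constructed sample settings, not taken from a real rc.conf.
plan_natd YES fxp0 "-dynamic" || true
plan_natd YES "" "-f /etc/natd.conf" || true
plan_natd YES "" "" || true
```

The second call is the case the thread worries about: natd would start, but nothing diverts packets to it until a rule is added by hand.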