> On 26 Jan 2015, at 22:24, John Baldwin <j...@freebsd.org> wrote: > > On Monday, January 26, 2015 09:34:39 PM Olivier Cochard-Labbé wrote: >> On Sun, Jan 25, 2015 at 9:37 PM, John Baldwin <j...@freebsd.org> wrote: >>> Author: jhb >>> Date: Sun Jan 25 20:37:32 2015 >>> New Revision: 277714 >>> URL: https://svnweb.freebsd.org/changeset/base/277714 >>> >>> Log: >>> natd(8) will work with an unconfigured interface and effectively not do >>> anything until the interface is assigned an address. This fixes >>> ipfw_nat to do the same by using an IP of INADDR_ANY instead of >>> aborting the nat setup if the requested interface is not yet configured. >> >> Hi, >> >> I've still a problem with ipfw_nat and unconfigured interface: >> On my setup I'm using ipfw with NAT rules using an OpenVPN tunnel interface >> as source address for NATting. >> >> During the machine startup, ipfw is started before openvpn (hopefully) and >> its configuration mention do to NAT using tun0 IP address. >> Then OpenVPN start and create a tun0 and set an IP address on it. >> => But no unicast traffic is allowed on this tun0 interface until I restart >> ipfw. >> >> If I correctly understand the log of this commit: This behavior should be >> fixed by this commit, right ? > > It might. What happened for me is that I was using nat over wlan0 for VM's > on my laptop to reach the outside world, but wlan0 doesn't get an IP until > later in the boot after it associates. As a result, wlan0 wasn't passing any > IP traffic until this fix (or if I reloaded ipfw after wlan0 was configured).
I don’t think it does. The interface is not available until openvpn is started.You need to clone the interface during boot by adding cloned_interfaces=‘tun0’ in your /etc/rc.conf. Initialisation is then done later by openvpn. Let me know if that works for you. Nick _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"