Subject: ipf/ipnat problem
To: None <netbsd-help@netbsd.org>
From: Federico Lupi <flupi@mclink.it>
List: netbsd-help
Date: 01/21/2001 17:23:05
I have ipnat turned on in the ip-up script and off in ip-down. This
setup has worked for a lot of time but recently it has stopped
working (probably after upgrading to 1.4.3 i386, I'm not sure.)
In ip-up I have:
/usr/sbin/ipnat -F
/usr/sbin/ipnat -C
/sbin/ipf -E
/usr/sbin/ipnat -f /etc/ipnat.conf
And in ip-down:
/sbin/ipf -D
/usr/sbin/ipnat -C
/usr/sbin/ipnat -F
The ip-up sequence doesn't work any more:
# /usr/sbin/ipnat -C
0 entries flushed from NAT list
# /usr/sbin/ipnat -F
ioctl(SIOCFLNAT): Device busy
# /sbin/ipf -E
SIOCFRENB: Device busy
# /usr/sbin/ipnat -f /etc/ipnat.conf
ioctl(SIOCADNAT): Device busy
ioctl(SIOCADNAT): Device busy
ioctl(SIOCADNAT): Device busy
After some experimentation I found that the following sequence of
commands work:
# /sbin/ipf -D
# /usr/sbin/ipnat -C
0 entries flushed from NAT list
# /sbin/ipf -D
# /usr/sbin/ipnat -F
0 entries flushed from NAT table
# /sbin/ipf -D
# /sbin/ipf -E
# /usr/sbin/ipnat -f /etc/ipnat.conf
It seems that it's necessary to call ipf -D before all commands. Am
I missing something?
TIA,
--
Federico Lupi
Home page
http://www.mclink.it/personal/MG2508/