Re: The State of NPF?

To: Ryan Brackenbury <ryan.brackenbury%gmail.com@localhost>, netbsd-users%netbsd.org@localhost
Subject: Re: The State of NPF?
From: John Nemeth <jnemeth%cue.bc.ca@localhost>
Date: Thu, 27 Jul 2017 00:14:33 -0700

On Jul 24,  7:54pm, Ryan Brackenbury wrote:
} 
} - NAT Hairpinning is troublesome. For the life of me, I cannot get it to

     NAT Hairpinning is just plain troublesome.

} - NPF won't automatically reload the IPs on the interfaces if they change.
} I have a cronjob doing `npfctl reload` every 5 minutes in case my
} dynamically-assigned router IP changes. In the past, my IP changed and I
} was left scratching my head as to why my internet no longer worked...

     This is a known issue.  However, both dhclient and dhcpcd can
run scripts when the address changes, which you can use for this
purpose.  With dhclient, you just create /etc/dhclient-exit-hooks,
like so:

if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \
   [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then

  if [ x$old_ip_address != x$new_ip_address ]; then
    /usr/sbin/ipnat -C -F -f /etc/ipnat.conf > /dev/null
    /usr/pkg/bin/lynx -dump -auth=xxx:yyy http://... > /dev/null
  fi
fi

I don't know what the equivalent would be for dhcpcd.

}-- End of excerpt from Ryan Brackenbury

References:
- The State of NPF?
  - From: Ryan Brackenbury

Prev by Date: Re: The State of NPF?
Next by Date: Error starting lxde
Previous by Thread: Re: The State of NPF?
Next by Thread: maxusers
Indexes:

Home | Main Index | Thread Index | Old Index