network glitch with internal network/gateway on 5.3
Louis LeBlanc
FreeBSD at keyslapper.org
Sun Dec 12 20:41:30 PST 2004
Hey all.
I'm finally getting over my lazy spell re: the chore of swapping the
new server in for the old.
There are a couple hangups.
The old server was running 4.10, and handling PPP/natd flawlessly. It
was also starting the ppp connection up automagically on boot.
The new one isn't doing either.
I have the following in /etc/rc.conf:
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES"
ppp_profile="verizon"
ppp_user="root"
natd_enable="YES"
natd_program="/sbin/natd"
natd_flags="-u -s -same_ports -dynamic -n fxp0 -log_facility security"
natd_interface="tun0"
firewall_enable="YES"
firewall_script="/etc/rc.firewall"
gateway_enable="YES"
Most, if not all, of this is adapted from the old server's settings.
The internal network interface (rl0) is set up as 10.8.20.5.
My routes are set up as:
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.9.99.1          UGS         0    41846   tun0
10.8.20/24         link#1             UC          0        0    rl0
10.8.20.7          00:a0:c9:74:12:a3  UHLW        0        3    rl0    958
10.9.99.1          68.163.129.130     UH          1        0   tun0
127.0.0.1          127.0.0.1          UH          0     8782    lo0
I've also got the firewall script from the old server, which has
always been pretty good for my purposes. Just one thing seems to be
hanging up. This is the error message:
ipfw: getsockopt(IP_FW_ADD): Invalid argument
This is right on the divert rule:
${fwcmd} add divert natd all from any to any via ${natd_interface}
fwcmd is "/sbin/ipfw" and natd_interface is defined above as "tun0".
Now, in the startup, I noticed that ppp isn't starting up, which is
probably where the whole thing goes south. The problem is logged
briefly at the console, but I can't find any reference to it in the
logs. It refers to a libintl.so.6(?) lib that can't be found, and is
needed by su. The lib does appear to exist in /usr/local/lib/ though.
I assume this refers to the fact that ppp is to be run as root. This
might also explain why I have no problems starting ppp up as root
manually once I've got the system up.
To test a theory, I linked the libintl.* libs from /usr/local/lib/ to
/usr/lib/ and rebooted. Voila. It comes up like it knows what to do
- except for that little natd issue.
Now I just need to figure out why ppp won't work without the gettext
libs, or figure out how to tell it to look in the right place, and
figure out the hangup with natd.
As usual, any suggestions would be appreciated.
Thanks
Lou
--
Louis LeBlanc FreeBSD at keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org
alimony, n:
Having an ex you can bank on.
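
A consistency check over the rc.conf excerpt quoted in the message above, added here as an example and not part of the original post. The function names and finding texts are made up for illustration, and only values set in the given file are read, not the defaults in /etc/defaults/rc.conf.

```shell
#!/bin/sh
# Added example (not from the post): flag rc.conf NAT settings that disagree.
# Only values set in the file are checked; /etc/defaults/rc.conf is ignored.

# Constructed sample: the rc.conf lines quoted in the post.
sample_rc_conf() {
cat <<'EOF'
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES"
ppp_profile="verizon"
ppp_user="root"
natd_enable="YES"
natd_program="/sbin/natd"
natd_flags="-u -s -same_ports -dynamic -n fxp0 -log_facility security"
natd_interface="tun0"
firewall_enable="YES"
firewall_script="/etc/rc.firewall"
gateway_enable="YES"
EOF
}

is_yes() { case "$1" in [Yy][Ee][Ss]) return 0 ;; esac; return 1; }

# check_rc_conf FILE: print one finding per line, nothing when consistent.
# The file is sourced as shell (as rc itself does), so pass trusted files only.
check_rc_conf() (
    ppp_enable= ppp_nat= natd_enable= natd_flags= natd_interface= firewall_enable=
    . "$1" || exit 2
    set -f                      # no globbing while splitting natd_flags
    set -- $natd_flags
    flag_if=
    while [ $# -gt 0 ]; do      # find the interface given with -n/-interface
        case "$1" in -n|-interface) flag_if=${2-} ;; esac
        shift
    done
    if is_yes "$ppp_enable" && is_yes "$ppp_nat" && is_yes "$natd_enable"; then
        echo "ppp_nat and natd_enable are both YES: two NAT layers on the ppp link"
    fi
    if [ -n "$flag_if" ] && [ -n "$natd_interface" ] && [ "$flag_if" != "$natd_interface" ]; then
        echo "natd_flags names -n $flag_if but natd_interface is $natd_interface"
    fi
    if is_yes "$natd_enable" && ! is_yes "$firewall_enable"; then
        echo "natd_enable is YES but firewall_enable is not: no divert rule feeds natd"
    fi
)

# Demo run on the constructed sample.
tmp=$(mktemp) && sample_rc_conf > "$tmp" && check_rc_conf "$tmp"
rm -f "$tmp"
```

On the sample it reports the ppp_nat/natd overlap and the fxp0/tun0 mismatch; it says nothing about kernel options or the ipfw error itself.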