Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

No /usr/local/jails/modules/forms.d/natcfg/initforms.sh #134

Closed
trombik opened this issue Feb 14, 2017 · 5 comments
Assignees

Comments

@trombik
Copy link

@trombik trombik commented Feb 14, 2017

when choosing natcfg in initenv-tui, the dialog does not seem to work.

how to reproduce

  • pkg install cbsd
  • set nodename
  • run /usr/local/cbsd/sudoexec/initenv inter=0
cbsd@server1> uname -msr
FreeBSD 10.3-RELEASE amd64
root@server1:/usr/local/etc # pkg info | grep cbsd
cbsd-11.0.6_1                  Yet another FreeBSD Jail and Bhyve Management Utility
root@server1:/usr/local/etc # env workdir=/usr/local/jails cbsd
cbsd@server1> initenv-tui
... choose [natcfg] in the dialog ...
No /usr/local/jails/modules/forms.d/natcfg/initforms.sh
root@server1:/usr/local/etc # find /usr/local/cbsd | grep initforms.sh 
root@server1:/usr/local/etc # find /usr/local/jails | grep initforms.sh
root@server1:/usr/local/etc # 
@olevole olevole self-assigned this Feb 14, 2017
@olevole

This comment has been minimized.

Copy link
Collaborator

@olevole olevole commented Feb 15, 2017

Ugh. TUI dialog for NAT is new functional and still not ready, forget to disable in initenv ;-)
It will be fixed in next release, 11.0.9 or 11.1.0

@kaN5300

This comment has been minimized.

Copy link

@kaN5300 kaN5300 commented Sep 26, 2017

cbsd-11.1.6
Name           : cbsd
Version        : 11.1.6
Installed on   : Mon Sep 25 15:34:31 2017 UTC
Origin         : sysutils/cbsd
Architecture   : FreeBSD:11:amd64
Prefix         : /usr/local
Categories     : sysutils
Licenses       : BSD2CLAUSE
Maintainer     : olevole@olevole.ru
WWW            : https://www.bsdstore.ru
Comment        : Yet another FreeBSD Jail and Bhyve Management Utility
Shared Libs required:
	libedit.so.0
	libssh2.so.1
	libsqlite3.so.0
Annotations    :
	repo_type      : binary
	repository     : FreeBSD
Flat size      : 16.0MiB
Description    :
Yet another FreeBSD jail and bhyve management tool.

WWW: https://www.bsdstore.ru

cbsd@cbsd> natcfg-tui
No /usr/jails/modules/forms.d/natcfg/initforms.sh

What is the proper way to organize some dst nat rules for jails with ipfw? There is ${etcdir}/ipfw.conf witch in my case consists of 3 lines:

...
/sbin/ipfw -q add 2000 nat 123 all from 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 to not 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 any via em0
/sbin/ipfw -q nat 123 config ip 10.0.2.15
/sbin/ipfw -q add 2000 nat 123 ip from any to 10.0.2.15 via em0
...

@olevole

This comment has been minimized.

Copy link
Collaborator

@olevole olevole commented Sep 26, 2017

@kaN5300 The contents of this file are fully automatic. If you want to have your own rules, you need to turn off the NAT function in CBSD ( cbsd initenv-tui or cbsd natcfg + cbsd natoff).

And move these rules to your regular firewall configuration file.
To be able to mix the CBSD firewall rules together with the user's - this is a good feature. However at the moment I do not have a clear understanding/view of how to do it the best way since it is a rather dangerous component.
Perhaps this should be implemented as separate blocks that are concat together in a certain order in the final file.

olevole added a commit that referenced this issue Jan 9, 2018
cbsd forms still not able to give dynamic data.
restore cbsd natcfg-tui as internal script for TUI-based config for NAT
Also, this fixes Issue #134
@olevole

This comment has been minimized.

Copy link
Collaborator

@olevole olevole commented Jan 9, 2018

fixed in CBSD 11.1.12

@olevole olevole closed this Jan 9, 2018
@olevole

This comment has been minimized.

Copy link
Collaborator

@olevole olevole commented Jan 19, 2018

11.1.12 commited into ports tree

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.