Date: Fri, 16 Oct 1998 16:44:52 -0400 (EDT)
Message-Id: <199810162044.QAA00652@neale.econ.vt.edu>
From: "Russell D. Murphy"
To: FreeBSD-Questions@FreeBSD.ORG
Subject: natd setup
Reply-to: rdmurphy@vt.edu

I'm trying to set up natd, but am getting the following errors from
ipfw:

----------
00000 divert 8668 ip from any to any via de0
ipfw: setsockopt(IP_FW_ADD): Invalid argument
00000 allow ip from any to any
ipfw: setsockopt(IP_FW_ADD): Invalid argument
----------

These arise from either interactive invocation or rc.firewall.

Can anyone help?

Thanks-

Russ Murphy

I'm running stable from May:

FreeBSD neale.econ.vt.edu 2.2.7-STABLE FreeBSD 2.2.7-STABLE #0: Thu Oct 15 17:28:37 EDT 1998 rdmurphy@neale.econ.vt.edu:/usr/src/sys/compile/NEALE i386

/etc/rc.firewall has:

----------
############
# Setup system for firewall service.
fwcmd="/sbin/ipfw"

############
# Flush out the list before we begin.
$fwcmd -f flush

############
# natd rules
$fwcmd add divert natd log all from any to any via de0
$fwcmd add pass log all from any to any
----------

My kernel has:

----------
options IPFIREWALL                      #firewall
options IPFIREWALL_VERBOSE              #print information about
                                        # dropped packets
options "IPFIREWALL_VERBOSE_LIMIT=100"  #limit verbosity
options IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by default
options IPDIVERT                        #divert sockets
----------

and /etc/rc.conf has:

----------
firewall_enable="YES"            # Set to YES to enable firewall functionality
firewall_type="UNKNOWN"          # Firewall type (see /etc/rc.firewall)
firewall_quiet="NO"              # Set to YES to suppress rule display
network_interfaces="de0 ed0 lo0" # network interfaces (lo0 is loopback).
ifconfig_lo0="inet 127.0.0.1"    # default loopback device configuration.
ifconfig_de0="inet 123.456.789.012 netmask 255.255.252.0" # ethernet
                   ^ (with valid IP address)
ifconfig_ed0="inet 192.168.1.1 netmask 255.255.255.0" # ethernet
gateway_enable="YES"             # Set to YES if this host will be a gateway.
forward_sourceroute="NO"         # do source routing
accept_sourceroute="NO"          # accept source routed packets to us
natd_enable="YES"                # Enable natd if firewall_enable.
natd_interface="de0"             # Public interface to use with natd
natd_flags="-log -use_sockets -same_ports" # Additional flags for natd.
----------

-----
Russell D. Murphy
Department of Economics
Virginia Polytechnic Institute and State University
3034 Pamplin Hall
Blacksburg, Virginia 24061-0316
(540) 231-4537
rdmurphy@vt.edu