Date: Sun, 13 Oct 2002 08:27:14 -0400 From: Dan Pelleg <daniel+fbsdq@pelleg.org> To: Neil Darlow <neil@darlow.co.uk> Cc: freebsd-questions@freebsd.org Subject: RE: IPFW2 on 4.7-RELEASE Message-ID: <15785.26274.306030.914187@gargle.gargle.HOWL>
next in thread | raw e-mail | index | archive | help
> Has anyone got IPFW2 working on 4.7-RELEASE? I've been using IPFW/natd > successfully since 4.2 but my attempts to do the same with IPFW2 have failed. > > I added IPFW2=true to /etc/make.conf and "options IPFW2" to my kernel config > then rebuilt libalias, ipfw and my kernel. > > At boot I get the message output that natd has started but the boot process > then stops at the point where it previously output "Firewall Logging=YES" to > the console. IPFW2 definitely does work on 4.7. It also seems you built it correctly. My best guess is that your ruleset does not get parsed by IPFW2's parser. There are a few minor changes between the parsers. For example, IPFW's would accept "icmptype" but IPFW2's insists on it being the correct "icmptypes". There are a few more like this (eg, limit and keep-state are now enforced not to qualify the same rule). So try booting that machine with no rules at all, or just enough of them to let you work on it, then try them out one by one and see where it stops. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15785.26274.306030.914187>