Date:      Fri, 16 Oct 1998 16:44:52 -0400 (EDT)
From:      "Russell D. Murphy" <rdmurphy@vt.edu>
To:        FreeBSD-Questions@FreeBSD.ORG
Subject:   natd setup
Message-ID:  <199810162044.QAA00652@neale.econ.vt.edu>

I'm trying to set up natd, but am getting the following errors
from ipfw:

----------
00000 divert 8668 ip from any to any via de0
ipfw: setsockopt(IP_FW_ADD): Invalid argument
00000 allow ip from any to any
ipfw: setsockopt(IP_FW_ADD): Invalid argument
----------

These arise from either interactive invocation or rc.firewall.
Can anyone help?

Thanks-

Russ Murphy

I'm running stable from May:

FreeBSD neale.econ.vt.edu 2.2.7-STABLE FreeBSD 2.2.7-STABLE #0: 
   Thu Oct 15 17:28:37 EDT 1998
   rdmurphy@neale.econ.vt.edu:/usr/src/sys/compile/NEALE  i386 

/etc/rc.firewall has:
----------
############
# Setup system for firewall service.

fwcmd="/sbin/ipfw"

############
# Flush out the list before we begin.
$fwcmd -f flush

############
# natd rules
$fwcmd add divert natd log all from any to any via de0
$fwcmd add pass log all from any to any
----------

My kernel has:
----------
options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #print information about
					# dropped packets
options		"IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity
options		IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
options		IPDIVERT		#divert sockets
----------

and /etc/rc.conf has:
----------
firewall_enable="YES"		# Set to YES to enable firewall functionality
firewall_type="UNKNOWN"		# Firewall type (see /etc/rc.firewall)
firewall_quiet="NO"		# Set to YES to suppress rule display
network_interfaces="de0 ed0 lo0" # network interfaces (lo0 is loopback).
ifconfig_lo0="inet 127.0.0.1"	# default loopback device configuration.
ifconfig_de0="inet 123.456.789.012 netmask 255.255.252.0" # ethernet
                   ^ (with valid IP address)
ifconfig_ed0="inet 192.168.1.1 netmask 255.255.255.0" # ethernet 

gateway_enable="YES"		# Set to YES if this host will be a gateway.
forward_sourceroute="NO"	# do source routing 
accept_sourceroute="NO"		# accept source routed packets to us
natd_enable="YES"               # Enable natd if firewall_enable.
natd_interface="de0"            # Public interface to use with natd
natd_flags="-log -use_sockets -same_ports"    # Additional flags for natd.
----------

-----
Russell D. Murphy
Department of Economics
Virginia Polytechnic Institute and State University
3034 Pamplin Hall
Blacksburg, Virginia  24061-0316
(540) 231-4537
rdmurphy@vt.edu
