Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 22 Aug 2000 03:00:18 -0700 (PDT)
From:      John Braun <uktests@yahoo.com>
To:        freebsd-isp@freebsd.org
Cc:        freebsd-ipfw@FreeBSD.ORG
Subject:   divert disabled
Message-ID:  <20000822100018.9998.qmail@web1401.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help 
Hello

I try to start router (BSD 3.2), 
but I get a not so satisfactory results. 

When BSD starting, it shows message
like this: "Divert disabled"

Where is a problem? 

My router configuration looks like that: 


1) Lines from /etc/defaults/rc.conf
===========================================
firewall_enable="YES"           firewall functionality
firewall_script="/etc/rc.firewall" 
firewall_type="OPEN"            
#!!!!!! (I also try firewall type UNKNOWN and SIMPLE)

firewall_quiet="NO"             
natd_program="/sbin/natd"       
natd_enable="YES"               
natd_interface="fxp0"           
natd_flags="-l -u -m"                   
#natd_flags=""

# !!! There I try to change firewall rules
/sbin/ipfw -f flush
/sbin/ipfw add divert natd all from any to any via
fxp0
/sbin/ipfw add pass all from any to any

tcp_extensions="NO"             
network_interfaces="lo0 rl0 fxp0"       
ifconfig_lo0="inet 127.0.0.1"   
ifconfig_fxp0="inet 159.148.166.75 netmask
255.255.255.248"
ifconfig_rl0="inet 192.168.37.9 netmask 255.255.255.0"

defaultrouter="159.148.166.73"           
static_routes=""                
gateway_enable="YES"            
router_enable="NO"              
router="routed"                 
router_flags="-q"               
mrouted_enable="NO"             
mrouted_flags=""                
arpproxy_all=""                 
forward_sourceroute="YES"       
accept_sourceroute="YES"                

============================================
2) My fw rules looks like that (ipfw -a l)

00100 149 17161 divert 8668 ip from any to any via
fxp0
00200  12   606 allow ip from any to any
65535   0     0 deny ip from any to any

============================================
3) My kernel configuration options: 
(/usr/src/sys/conf/options)

options   IPFIREWALL              opt_ipfw.h
options   IPDIVERT                opt_ipdivert.h
options   IPFIREWALL_FORWARD      opt_ipfw.h
options   IPFIREWALL_VERBOSE      opt_ipfw.h
============================================
4) When I try to ping some server, I got 
relpies: 

PING 159.148.60.2 (159.148.60.2): 56 data bytes

ping: sendto: Permission denied
ping: sendto: Permission denied
ping: sendto: Permission denied
ping: sendto: Permission denied

--- 159.148.60.2 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet
loss

============================================
============================================
What can I do? 

Regards, J.B.



__________________________________________________
Do You Yahoo!?
Yahoo! Mail – Free email you can access from anywhere!
http://mail.yahoo.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000822100018.9998.qmail>