Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 6 Oct 2005 11:30:40 +0800
From:      "Foo Ji-Haw" <jhfoo@nexlabs.com>
To:        <freebsd-questions@freebsd.org>
Subject:   Missing mention in ipfw in the Handbook
Message-ID:  <005b01c5ca26$54c4d180$c801a8c0@nexpc>

next in thread | raw e-mail | index | archive | help
For what it's worth, I'd like highlight a key point I think is missing, =
in the ipfw section of the Handbook. This has been discussed earlier =
with help from this mailing list community. I am just formalising the =
documentation.

The firewall that comes with the default kernel (at least on the 5.4 =
release) comes with forwarding disabled. As a result, if you try to do a =
ipfw fwd (or ipfw forward), you will get a getsockopt error.

The Handbook (at this time of writing) did not mention the inclusion of:
options IPFIREWALL_FORWARD

Recompiling the kernel with this thrown in will activate forwarding by =
default. I do not know if there is a sysctl parameter which can avoid =
the kernel recompile. If there is one, kindly contribute to the =
knowledge base (aka mailing list).

Hopefully this post will save the next FreeBSDer precious time.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005b01c5ca26$54c4d180$c801a8c0>