From owner-freebsd-questions@FreeBSD.ORG Thu Apr 5 13:58:42 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2CE1B16A402 for ; Thu, 5 Apr 2007 13:58:42 +0000 (UTC) (envelope-from jonathan@hst.org.za) Received: from sirian.hst.org.za (sirian.hst.org.za [209.203.2.130]) by mx1.freebsd.org (Postfix) with ESMTP id B226B13C46E for ; Thu, 5 Apr 2007 13:58:40 +0000 (UTC) (envelope-from jonathan@hst.org.za) Received: from localhost (localhost.hst.org.za [127.0.0.1]) by sirian.hst.org.za (Postfix) with ESMTP id 73BF831E1A0; Thu, 5 Apr 2007 15:57:02 +0200 (SAST) Received: from sirian.hst.org.za ([127.0.0.1]) by localhost (sirian.hst.org.za [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 73235-09; Thu, 5 Apr 2007 15:57:02 +0200 (SAST) Received: from sysadmin.hst.org.za (sysadmin.int.dbn.hst.org.za [10.1.1.20]) by sirian.hst.org.za (Postfix) with ESMTP id A8B9E31E199; Thu, 5 Apr 2007 15:57:01 +0200 (SAST) From: Jonathan McKeown Organization: Health Systems Trust To: freebsd-questions@freebsd.org Date: Thu, 5 Apr 2007 16:01:01 +0200 User-Agent: KMail/1.7.2 References: <20070403105841.A98763@badger.tltodd.com> <20070405084208.A4130@badger.tltodd.com> In-Reply-To: <20070405084208.A4130@badger.tltodd.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200704051601.01747.jonathan@hst.org.za> X-Virus-Scanned: by amavisd-new at hst.org.za Cc: Terry Todd Subject: Re: ipfw fwd not working in 6.2-release X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2007 13:58:42 -0000 > On Thursday 05 April 2007 15:42, Terry Todd wrote: > > On Tue, Apr 03, 2007 at 10:58:41AM -0500, Terry Todd wrote: > > I have tried to get ipfw fwd to work in 6.2-release but it always barfs. > > > > I have recompiled and installed a custom kernel with > > options IPFIREWALL_FORWARD [adding a fwd rule] > > ipfw: getsockopt(IP_FW_ADD): Invalid argument [snip] > > Anyone else see this behaviour? > I tried this on a second machine and it does the same thing. > > ipfw: getsockopt(IP_FW_ADD): Invalid argument > > Could someone try running this on a 6.2-RELEASE system and tell me what you > get: > > # ipfw add forward 127.0.0.1,3128 tcp from not me to any 80 in via > [interface device] I'm seeing the same thing having just upgraded a working 6.0-RELEASE box. Since the only kernel option I had set on either version of the OS was IPFIREWALL_FORWARD, the system is loading ipfw.ko, ipdivert.ko and dummynet.ko automatically. Has the way ipfw.ko is built changed? Do we need to compile ipfw into the kernel to use ipfw fwd rules now? Or can I force ipfw.ko to be rebuilt with forwarding included? Jonathan