From owner-freebsd-ipfw@FreeBSD.ORG  Tue Jun 29 19:26:20 2004
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 48C0016A4CF
	for <freebsd-ipfw@freebsd.org>; Tue, 29 Jun 2004 19:26:20 +0000 (GMT)
Received: from mailhost.wsf.at (server202.serveroffice.com [217.196.72.202])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9A16D43D1F
	for <freebsd-ipfw@freebsd.org>; Tue, 29 Jun 2004 19:26:18 +0000 (GMT)
	(envelope-from tw@wsf.at)
Received: from mailhost.wsf.at (root@localhost)i5TJNEuG046178
	for <freebsd-ipfw@freebsd.org>;
	Tue, 29 Jun 2004 21:23:14 +0200 (CEST)	(envelope-from tw@wsf.at)
Received: from mailhost.wsf.at (http.wsf.at [217.196.72.203])
	i5TJNCdn046170;	Tue, 29 Jun 2004 21:23:13 +0200 (CEST)
	(envelope-from tw@wsf.at)
Date: Tue, 29 Jun 2004 19:23:12 -0000
To: freebsd@stateautomation.com, freebsd-ipfw@freebsd.org
From: Thomas Wolf <tw@wsf.at>
X-Mailer: twiggi 1.10.3
Message-ID: <20040629212312.fsp0rmyjzpk4g0@.mailhost.wsf.at>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: ipdivert rule will not load
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: tw@wsf.at
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jun 2004 19:26:20 -0000


freebsd@stateautomation.com schrieb:

> ipfw will not accept a DIVERT rule. e.g the rule I am trying to add is.. 
> ipfw add 3000 divert 8668 ip from any to any via sis0 
> The response I get is... ipfw: getsockopt(IP_FW_ADD): Invalid argument 
> I have built a custom kernel with the following optional lines 
> options IPFIREWALL 
> options IPFIREWALL_VERBOSE 
> options IPFIREWALL_VERBOSE_LIMIT 
> options IPDIVERT 
> Does anyone know why the system will not accept the divert rule?  Thankyou.

The options seem to be correct, however the error message indicates
the lack of 'divert' in the kernel. Are you sure you properly
built and *installed* your custom kernel? Check the output of
'dmesg | grep divert', you should see '... divert enabled...',
otherwise something went wrong with your kernel build.

Thomas

--
Thomas Wolf
Wiener Software Fabrik
Dubas u. Wolf GMBH
1050 Wien, Mittersteig 4