From owner-freebsd-questions Thu May 10 8:39:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cx316013-a.tucson1.az.home.com (cx316013-a.tucson1.az.home.com [24.21.112.237]) by hub.freebsd.org (Postfix) with ESMTP id B2B1737B422; Thu, 10 May 2001 08:39:10 -0700 (PDT) (envelope-from jew@desert.net) Received: from localhost (localhost [127.0.0.1]) by cx316013-a.tucson1.az.home.com (8.11.1/8.11.1) with ESMTP id f4A8cWu49317; Thu, 10 May 2001 08:38:32 GMT (envelope-from jew@desert.net) Date: Thu, 10 May 2001 08:38:32 +0000 (GMT) From: "Ward... James Ward" X-Sender: jew@cx316013-a.tucson1.az.home.com To: Ruslan Ermilov Cc: gmiddl1@gl.umbc.edu, freebsd-questions@FreeBSD.ORG Subject: Re: ipfw: getsockopt(IP_FW_ADD): Invalid argument In-Reply-To: <20010510100955.B9354@sunbay.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG That was it! I updated kernel AND binaries to 4.3-RELEASE and suddenly, I have a firewall! :-) On Thu, 10 May 2001, Ruslan Ermilov wrote: > Much probably, your userland is not in sync with the kernel. > Make sure you have src/sys/netinet/raw_ip.c,v 1.64.2.3. > > On Tue, May 08, 2001 at 11:43:20AM -0700, Ward... James Ward wrote: > > I read this thread from February and don't see a resolution. I'm having > > the exact same problem under FreeBSD 4.3. > > > > My firewall related kernel stuff: > > > > options BRIDGE > > options IPFIREWALL > > options IPFIREWALL_DEFAULT_TO_ACCEPT > > options IPFIREWALL_VERBOSE > > options IPFIREWALL_VERBOSE_LIMIT=100 > > options IPDIVERT > > > > My dmesg states: > > > > IP packet filtering initialized, divert enabled, rule-based forwarding > > disabled, default to accept, logging limited to 100 packets/entry by > > default > > BRIDGE 010131, have 10 interfaces > > -- index 1 type 6 phy 0 addrl 6 addr 00.04.5a.41.6d.5d > > -- index 2 type 6 phy 0 addrl 6 addr 00.04.5a.41.6d.13 > > ... > > net.link.ether.bridge: > > 0 > > >> now dc0 promisc ON if_flags 0xffff8943 bdg_flags 0x5 > > >> now dc1 promisc ON if_flags 0xffff8943 bdg_flags 0x5 > > -> > > 1 > > ... > > I get one of these for each invocation of "ipfw add..." in > > /etc/rc.firewall: > > > > ipfw: getsockopt(IP_FW_ADD): Invalid argument > > > > And then: > > > > Firewall rules loaded, starting divert daemons: . > > > > Any idea what my problem is? > > > > Thanks in advance, > > > > James > > -- > Ruslan Ermilov Oracle Developer/DBA, > ru@sunbay.com Sunbay Software AG, > ru@FreeBSD.org FreeBSD committer, > +380.652.512.251 Simferopol, Ukraine > > http://www.FreeBSD.org The Power To Serve > http://www.oracle.com Enabling The Information Age > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message