Date: Tue, 7 May 2002 00:13:49 +0400 (MSD) From: Dmitry Morozovsky <marck@rinet.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: i386/37799: [patch] ipfw_divert kernel module (for natd) Message-ID: <200205062013.g46KDnw11276@woozle.rinet.ru>
next in thread | raw e-mail | index | archive | help
>Number: 37799
>Category: i386
>Synopsis: [patch] ipfw_divert kernel module (for natd)
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon May 06 13:20:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Dmitry Morozovsky
>Release: FreeBSD 4-STABLE i386
>Organization:
Cronyx Plus LLC (RiNet ISP)
>Environment:
System: FreeBSD 4-STABLE (currently 4.6-PRE)
>Description:
If someone wants to use kernel-loadable ipfw with natd, [s]he has to either
recompile kernel with IPFIREWALL and IPDIVERT options, or recompile
ipfw.ko by hand using -DIPDIVERT
So, I suppose a little slave module may be used.
>How-To-Repeat:
[none]
>Fix:
Add sys/modules/ipfw_divert directory with Makefile in it:
---
# $FreeBSD$
MASTER= ../ipfw
CFLAGS+= -DIPDIVERT
KMOD= ipfw-divert
.include "${MASTER}/Makefile"
----
Apply the following patch:
Index: modules/Makefile
===================================================================
RCS file: /home/ncvs/src/sys/modules/Makefile,v
retrieving revision 1.110.2.50
diff -u -r1.110.2.50 Makefile
--- modules/Makefile 4 May 2002 08:23:52 -0000 1.110.2.50
+++ modules/Makefile 6 May 2002 20:01:11 -0000
@@ -34,6 +34,7 @@
ip6fw \
ipfilter \
ipfw \
+ ipfw_divert \
ispfw \
joy \
kernfs \
Index: boot/forth/loader.conf
===================================================================
RCS file: /home/ncvs/src/sys/boot/forth/loader.conf,v
retrieving revision 1.25.2.18
diff -u -r1.25.2.18 loader.conf
--- boot/forth/loader.conf 28 Apr 2002 22:49:54 -0000 1.25.2.18
+++ boot/forth/loader.conf 6 May 2002 19:56:01 -0000
@@ -138,7 +138,8 @@
if_ppp_load="NO" # Kernel ppp
if_sl_load="NO" # SLIP
if_tun_load="NO" # Tunnel driver (user process ppp)
-ipfw_load="NO" # Firewall
+ipfw_load="NO" # Firewall (mutually exclusive with the next)
+ipfw_divert_load="NO" # Firewall with divert
##############################################################
Index: modules/ipfw/Makefile
===================================================================
RCS file: /home/ncvs/src/sys/modules/ipfw/Makefile,v
retrieving revision 1.11
diff -u -r1.11 Makefile
--- modules/ipfw/Makefile 28 Aug 1999 00:47:21 -0000 1.11
+++ modules/ipfw/Makefile 6 May 2002 19:37:26 -0000
@@ -1,7 +1,7 @@
# $FreeBSD: src/sys/modules/ipfw/Makefile,v 1.11 1999/08/28 00:47:21 peter Exp $
.PATH: ${.CURDIR}/../../netinet
-KMOD= ipfw
+KMOD?= ipfw
SRCS= ip_fw.c
NOMAN=
CFLAGS+= -DIPFIREWALL
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205062013.g46KDnw11276>