From owner-freebsd-current  Sat Aug 31 10:01:27 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id KAA28434
          for current-outgoing; Sat, 31 Aug 1996 10:01:27 -0700 (PDT)
Received: from mexico.brainstorm.eu.org (root@mexico.brainstorm.eu.org [193.56.58.253])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA28406
          for <freebsd-current@FreeBSD.org>; Sat, 31 Aug 1996 10:01:18 -0700 (PDT)
Received: from brasil.brainstorm.eu.org (brasil.brainstorm.eu.org [193.56.58.33]) by mexico.brainstorm.eu.org (8.7.5/8.7.3) with ESMTP id TAA18094 for <freebsd-current@FreeBSD.org>; Sat, 31 Aug 1996 19:01:10 +0200
Received: (from uucp@localhost) by brasil.brainstorm.eu.org (8.6.12/8.6.12) with UUCP id TAA16233 for freebsd-current@FreeBSD.org; Sat, 31 Aug 1996 19:00:42 +0200
Received: (from roberto@localhost) by keltia.freenix.fr (8.8.Alpha.9/keltia-uucp-2.9) id SAA01875; Sat, 31 Aug 1996 18:55:01 +0200 (MET DST)
Message-Id: <199608311655.SAA01875@keltia.freenix.fr>
Date: Sat, 31 Aug 1996 18:55:01 +0200
From: roberto@keltia.freenix.fr (Ollivier Robert)
To: freebsd-current@FreeBSD.org (FreeBSD Current Users' list)
Subject: Re: IPFW changes
In-Reply-To: <Pine.BSI.3.91.960831074248.9954A-100000@Venus.mcs.com>; from Alex Nash on Aug 31, 1996 7:43:11 -0500
References: 	<Pine.BSI.3.91.960831074248.9954A-100000@Venus.mcs.com>
X-Mailer: Mutt 0.41
Mime-Version: 1.0
Sender: owner-current@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

According to Alex Nash:
> ipfw is complaining that it can't resolve the address '0' which is
> being caused by the newly merged bind-4.9.4-P1 resolver (merged in 3
> days ago).  For the time being, use the "any" keyword instead of
> "0/0".

OK, that's working now.

Another question, why the sysctl variables for IPFW not there ?

239 [18:47] root@keltia:/sys/netinet# sysctl net.inet.ip
net.inet.ip.portrange.lowfirst: 1023
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.first: 1024
net.inet.ip.portrange.last: 5000
net.inet.ip.portrange.hifirst: 40000
net.inet.ip.portrange.hilast: 44999
net.inet.ip.forwarding: 1
net.inet.ip.redirect: 1
net.inet.ip.ttl: 64
net.inet.ip.rtexpire: 3600
net.inet.ip.rtminexpire: 10
net.inet.ip.rtmaxcache: 128
net.inet.ip.sourceroute: 0
net.inet.ip.intr_queue_maxlen: 50
net.inet.ip.intr_queue_drops: 0
net.inet.ip.subnets_are_local: 1

They're defined in ip_fw.c but they do not appear with sysctl...

SYSCTL_NODE(net_inet_ip, OID_AUTO, fw, CTLFLAG_RW, 0, "Firewall");
SYSCTL_INT(net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW, &fw_debug, 0, "");
SYSCTL_INT(net_inet_ip_fw, OID_AUTO, verbose, CTLFLAG_RW, &fw_verbose, 0, "");
SYSCTL_INT(net_inet_ip_fw, OID_AUTO, verbose_limit, CTLFLAG_RW, &fw_verbose_limit, 0, "");
 
Note: I don't use it as LKM but directly within the kernel...

-- 
Ollivier ROBERT    -=- The daemon is FREE! -=-    roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 2.2-CURRENT #20: Fri Aug 30 23:00:02 MET DST 1996