Date: Mon, 18 Nov 2002 23:26:53 +0200 From: "Vladislav V. Zhuk" <admin@dru.dn.ua> To: stable@FreeBSD.ORG Subject: IPFW2 and FreeBSD 4.7-RELEASE-p2 #0: Sun Nov 17 19:25:19 Message-ID: <20021118212653.GA68828@dru.dn.ua>
next in thread | raw e-mail | index | archive | help
Hi! I added "options IPFW2" to my kernel config, and "IPFW2=TRUE" to /etc/make.conf, cvsuped to RELENG_4_7. Make and install world/kernel, run mergemaster. After update (I did this routinely) IPFW don't forward packets. Divert, allow, deny, reject - all work fine, fwd don't work. What can I do to use forward in IPFW2 ?? Help!!! PS: from my kernel config: options IPFW2 options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_FORWARD options IPFIREWALL_VERBOSE_LIMIT=100 options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT options ACCEPT_FILTER_DATA options ACCEPT_FILTER_HTTP options ICMP_BANDLIM options DUMMYNET -------------------------------------------- sysctl -a .... net.inet.ip.forwarding: 1 net.inet.ip.redirect: 1 .... net.inet.ip.sourceroute: 0 .... net.inet.ip.accept_sourceroute: 0 net.inet.ip.fastforwarding: 0 ..... net.inet.ip.dummynet.hash_size: 64 net.inet.ip.dummynet.curr_time: 9792515 net.inet.ip.dummynet.ready_heap: 16 net.inet.ip.dummynet.extract_heap: 0 net.inet.ip.dummynet.searches: 0 net.inet.ip.dummynet.search_steps: 0 net.inet.ip.dummynet.expire: 1 net.inet.ip.dummynet.max_chain_len: 16 net.inet.ip.dummynet.red_lookup_depth: 256 net.inet.ip.dummynet.red_avg_pkt_size: 512 net.inet.ip.dummynet.red_max_pkt_size: 1500 net.inet.ip.fw.enable: 1 net.inet.ip.fw.autoinc_step: 100 net.inet.ip.fw.one_pass: 1 net.inet.ip.fw.debug: 1 net.inet.ip.fw.verbose: 1 net.inet.ip.fw.verbose_limit: 100 net.inet.ip.fw.dyn_buckets: 256 net.inet.ip.fw.curr_dyn_buckets: 256 net.inet.ip.fw.dyn_count: 0 net.inet.ip.fw.dyn_max: 4096 net.inet.ip.fw.static_count: 82 net.inet.ip.fw.dyn_ack_lifetime: 300 net.inet.ip.fw.dyn_syn_lifetime: 20 net.inet.ip.fw.dyn_fin_lifetime: 1 net.inet.ip.fw.dyn_rst_lifetime: 1 net.inet.ip.fw.dyn_udp_lifetime: 10 net.inet.ip.fw.dyn_short_lifetime: 5 net.inet.ip.fw.dyn_keepalive: 1 net.inet.ip.maxfragpackets: 1024 net.inet.ip.check_interface: 0 -- Vladislav V. Zhuk (06267)3-60-03 admin@dru.dn.ua 2:465/197@FidoNet.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021118212653.GA68828>