From owner-freebsd-net@FreeBSD.ORG Sun Oct 7 14:24:00 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C078716A46E for ; Sun, 7 Oct 2007 14:24:00 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from webmail30.mail.yandex.net (webmail30.mail.yandex.net [213.180.200.154]) by mx1.freebsd.org (Postfix) with ESMTP id 1F8CA13C4C2 for ; Sun, 7 Oct 2007 14:24:00 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from YAMAIL (webmail30) by mail.yandex.ru id S4645201AbXJGMyt for ; Sun, 7 Oct 2007 16:54:49 +0400 X-Yandex-Spam: 1 Received: from [77.72.136.70] ([77.72.136.70]) by mail.yandex.ru with HTTP; Sun, 07 Oct 2007 16:54:49 +0400 From: "Andrey V. Elsukov" To: randy@psg.com In-Reply-To: 1550000000223575699 References: 1550000000223575699 MIME-Version: 1.0 Message-Id: <654641191761689@webmail30.yandex.ru> Date: Sun, 07 Oct 2007 16:54:49 +0400 X-Mailer: Yamail [ http://yandex.ru ] 5.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain Cc: freebsd-net@freebsd.org Subject: Re: ipfw nat befuddlement X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Oct 2007 14:24:00 -0000 > i386 current > # grep -n nat /etc/ipfw.rules > 33:add nat 42 all from any to any > 34:add nat 42 config if vr0 same_ports unreg_only > # ipfw -q /etc/ipfw.rules > Line 33: getsockopt(IP_FW_ADD): Invalid argument > kernel has > options IPFIREWALL > options IPFIREWALL_VERBOSE #enable logging to syslogd(8) > options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity > options IPDIVERT > options LIBALIAS You need also: options IPFIREWALL_NAT #ipfw kernel nat support -- WBR, Andrey V. Elsukov