Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 1 Jul 2004 18:58:33 +1000 
From:      administrator@stateautomation.com
To:        freebsd-ipfw@freebsd.org
Subject:   RE: ipdivert rule will not load
Message-ID:  <BF7916625596914581732F223B113D33019F@MELEXC01>

next in thread | raw e-mail | index | archive | help


> -----Original Message-----
> From:	Thomas Wolf [SMTP:tw@wsf.at]
> Sent:	Wednesday, 30 June 2004 5:23 AM
> To:	freebsd@stateautomation.com; freebsd-ipfw@freebsd.org
> Subject:	Re: ipdivert rule will not load
> 
> 
> freebsd@stateautomation.com schrieb:
> 
> > ipfw will not accept a DIVERT rule. e.g the rule I am trying to add is..
> 
> > ipfw add 3000 divert 8668 ip from any to any via sis0 
> > The response I get is... ipfw: getsockopt(IP_FW_ADD): Invalid argument 
> > I have built a custom kernel with the following optional lines 
> > options IPFIREWALL 
> > options IPFIREWALL_VERBOSE 
> > options IPFIREWALL_VERBOSE_LIMIT 
> > options IPDIVERT 
> > Does anyone know why the system will not accept the divert rule?
> Thankyou.
> 
> The options seem to be correct, however the error message indicates
> the lack of 'divert' in the kernel. Are you sure you properly
> built and *installed* your custom kernel? Check the output of
> 'dmesg | grep divert', you should see '... divert enabled...',
> otherwise something went wrong with your kernel build.
> 
> Thomas
> 
	Thomas, you are right - thankyou. The output of "dmesg | grep
divert" shows that divert is disabled.
	kldstat also shows that the loadable module ipfw.ko is loaded which
suggests that that may
	be stopping ipfw being loaded in the main kernel (and therefore
divert sockets not being available -
	I read this in a post in the archives).  Does anyone know where to
look to see where the loadable module
	ipfw.ko may be getting loaded?  Is there a way I can grep for the
pattern ipfw.ko from the / directory so that
	it will look for a match on my entire file system? When I use
	grep -r -i ipfw.ko /* |more   (to search my entire filesystem from
the / directory)
	I get the response grep: memory exhausted (I have 256MB RAM).
Thanks for any responses.

	Regards,
	J.S.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BF7916625596914581732F223B113D33019F>