From owner-freebsd-isp Tue Aug 22 2:58:26 2000 Delivered-To: freebsd-isp@freebsd.org Received: from web1401.mail.yahoo.com (web1401.mail.yahoo.com [128.11.23.165]) by hub.freebsd.org (Postfix) with SMTP id 72ED637B423 for ; Tue, 22 Aug 2000 02:58:18 -0700 (PDT) Received: (qmail 9999 invoked by uid 60001); 22 Aug 2000 10:00:18 -0000 Message-ID: <20000822100018.9998.qmail@web1401.mail.yahoo.com> Received: from [159.148.130.2] by web1401.mail.yahoo.com; Tue, 22 Aug 2000 03:00:18 PDT Date: Tue, 22 Aug 2000 03:00:18 -0700 (PDT) From: John Braun Subject: divert disabled To: freebsd-isp@freebsd.org Cc: freebsd-ipfw@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello I try to start router (BSD 3.2), but I get a not so satisfactory results. When BSD starting, it shows message like this: "Divert disabled" Where is a problem? My router configuration looks like that: 1) Lines from /etc/defaults/rc.conf =========================================== firewall_enable="YES" firewall functionality firewall_script="/etc/rc.firewall" firewall_type="OPEN" #!!!!!! (I also try firewall type UNKNOWN and SIMPLE) firewall_quiet="NO" natd_program="/sbin/natd" natd_enable="YES" natd_interface="fxp0" natd_flags="-l -u -m" #natd_flags="" # !!! There I try to change firewall rules /sbin/ipfw -f flush /sbin/ipfw add divert natd all from any to any via fxp0 /sbin/ipfw add pass all from any to any tcp_extensions="NO" network_interfaces="lo0 rl0 fxp0" ifconfig_lo0="inet 127.0.0.1" ifconfig_fxp0="inet 159.148.166.75 netmask 255.255.255.248" ifconfig_rl0="inet 192.168.37.9 netmask 255.255.255.0" defaultrouter="159.148.166.73" static_routes="" gateway_enable="YES" router_enable="NO" router="routed" router_flags="-q" mrouted_enable="NO" mrouted_flags="" arpproxy_all="" forward_sourceroute="YES" accept_sourceroute="YES" ============================================ 2) My fw rules looks like that (ipfw -a l) 00100 149 17161 divert 8668 ip from any to any via fxp0 00200 12 606 allow ip from any to any 65535 0 0 deny ip from any to any ============================================ 3) My kernel configuration options: (/usr/src/sys/conf/options) options IPFIREWALL opt_ipfw.h options IPDIVERT opt_ipdivert.h options IPFIREWALL_FORWARD opt_ipfw.h options IPFIREWALL_VERBOSE opt_ipfw.h ============================================ 4) When I try to ping some server, I got relpies: PING 159.148.60.2 (159.148.60.2): 56 data bytes ping: sendto: Permission denied ping: sendto: Permission denied ping: sendto: Permission denied ping: sendto: Permission denied --- 159.148.60.2 ping statistics --- 3 packets transmitted, 0 packets received, 100% packet loss ============================================ ============================================ What can I do? Regards, J.B. __________________________________________________ Do You Yahoo!? Yahoo! Mail – Free email you can access from anywhere! http://mail.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message