Date: Fri, 13 Oct 2006 13:11:30 -0400 From: "fulan Peng" <fulanpeng@gmail.com> To: "Dan Nelson" <dnelson@allantgroup.com> Cc: freebsd-current@freebsd.org Subject: Re: Please help to forward port 80 to 8800 with ipfw Message-ID: <bf0f1bc90610131011i7c196bf4yb8e27462680a730e@mail.gmail.com> In-Reply-To: <20061013151728.GA41884@dan.emsphone.com> References: <bf0f1bc90610130746m311e56a0pa1531da9837a56c7@mail.gmail.com> <20061013151728.GA41884@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
After make LINT;make cleandepend;make depend;make; make install, I really rebooted the machine serveral time. I read somewhere says FreeBSD would not change its kernel unless you manually copy the new kernel to somewhere. I think this is my problem. I already tried to copy the GENERIC to my hostname file. And I changed the ident to my hostname. I added options IPFIREWALL options IPFIREWALL_FORWARD options IPFIREWALL_VERBOSE. I did not pass the make. Then I leave only one line there options IPFIREWALL_FORWARD Still won't pass the make command. Please help me to get the new LINT kernel to work. Thanks a lot! On 10/13/06, Dan Nelson <dnelson@allantgroup.com> wrote: > In the last episode (Oct 13), fulan Peng said: > > I am using Apache on FreeBSD. If I use port 80 for http port, it > > won't work because the security problem. So I configured Apache to > > listen port 8800. Now the customer has type > > http://breakevilaxis.org:8800 to get on my web site. This is no good. > > So I have to forward port 80 request to port 8800. I guess what I > > should do is to ipfw add 100 fwd 127.0.0.0,80 tcp from any to any > > 8800 in But I got an error when I execute the command. I have > > compiled the kernel with LINT configuration. I did make LINT, make > > cleandepend;make depend;make;make install I really do not what is the > > kernel I am running. I doubt it is still the old kernel which the > > IPFIREWALL_FORWARD is not selected. Please help me to achieve this. > > > > breakevilaxis#uname -a > > FreeBSD breakevilaxis.org 7.0-CURRENT-200610 FreeBSD > > 7.0-CURRENT-200610 #0: Mon Oct 2 05:44:21 UTC 2006 > > root@stiles.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 > > That says your system is running a GENERIC kernel, compiled Oct 2. My > guess is you didn't reboot after installing your new kernel. Also, you > probably don't want to install the LINT kernel, since it includes every > driver FreeBSD supports and lots of debugging code. Just copy GENERIC > to a new name, change the "ident" line to match the new filename, and > add IPFIREWALL_FORWARD to it. > > > breakevilaxis# ipfw add 100 fwd 127.0.0.1,80 tcp from any to any 8800 in > > ipfw: getsockopt(IP_FW_ADD): Invalid argument > > That command works fine on my system with IPFIREWALL_FORWARD in the > kernel, but you probably want to swap the port numbers. Your command > forwards port 8800 to port 80. > > ipfw add 100 fwd 127.0.0.1,8800 tcp from any to any 80 in > > > dmesg: > > ... > > Trying to mount root from ufs:/dev/ad8s1a > > ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled, > > default to deny, logging disabled > > This line should have said "rule-based forwarding enabled" if > IPFIREWALL_FORWARD was in your kernel config. > > -- > Dan Nelson > dnelson@allantgroup.com >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bf0f1bc90610131011i7c196bf4yb8e27462680a730e>