Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 13 Oct 2006 13:11:30 -0400
From:      "fulan Peng" <fulanpeng@gmail.com>
To:        "Dan Nelson" <dnelson@allantgroup.com>
Cc:        freebsd-current@freebsd.org
Subject:   Re: Please help to forward port 80 to 8800 with ipfw
Message-ID:  <bf0f1bc90610131011i7c196bf4yb8e27462680a730e@mail.gmail.com>
In-Reply-To: <20061013151728.GA41884@dan.emsphone.com>
References:  <bf0f1bc90610130746m311e56a0pa1531da9837a56c7@mail.gmail.com> <20061013151728.GA41884@dan.emsphone.com>

next in thread | previous in thread | raw e-mail | index | archive | help
After make LINT;make cleandepend;make depend;make; make install, I
really rebooted the machine serveral time.
I read somewhere says FreeBSD would not change its kernel unless you
manually copy the new kernel to somewhere. I think this is my problem.
I already tried to copy the GENERIC to my hostname file.
And I changed the ident to my hostname. I added
options IPFIREWALL
options IPFIREWALL_FORWARD
options IPFIREWALL_VERBOSE.
I did not pass the make.
Then I leave only one line there
options IPFIREWALL_FORWARD
Still won't pass the make command.
Please help me to get the new LINT kernel to work.
Thanks a lot!


On 10/13/06, Dan Nelson <dnelson@allantgroup.com> wrote:
> In the last episode (Oct 13), fulan Peng said:
> > I am using Apache on FreeBSD. If I use port 80 for http port, it
> > won't work because the security problem. So I configured Apache to
> > listen port 8800. Now the customer has type
> > http://breakevilaxis.org:8800 to get on my web site. This is no good.
> > So I have to forward port 80 request to port 8800. I guess what I
> > should do is to ipfw add 100 fwd 127.0.0.0,80 tcp from any to any
> > 8800 in But I got an error when I execute the command. I have
> > compiled the kernel with LINT configuration. I did make LINT, make
> > cleandepend;make depend;make;make install I really do not what is the
> > kernel I am running. I doubt it is still the old kernel which the
> > IPFIREWALL_FORWARD is not selected. Please help me to achieve this.
> >
> > breakevilaxis#uname -a
> > FreeBSD breakevilaxis.org 7.0-CURRENT-200610 FreeBSD
> > 7.0-CURRENT-200610 #0: Mon Oct  2 05:44:21 UTC 2006
> > root@stiles.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64
>
> That says your system is running a GENERIC kernel, compiled Oct 2.  My
> guess is you didn't reboot after installing your new kernel.  Also, you
> probably don't want to install the LINT kernel, since it includes every
> driver FreeBSD supports and lots of debugging code.  Just copy GENERIC
> to a new name, change the "ident" line to match the new filename, and
> add IPFIREWALL_FORWARD to it.
>
> > breakevilaxis# ipfw add 100 fwd 127.0.0.1,80 tcp from any to any 8800 in
> > ipfw: getsockopt(IP_FW_ADD): Invalid argument
>
> That command works fine on my system with IPFIREWALL_FORWARD in the
> kernel, but you probably want to swap the port numbers.  Your command
> forwards port 8800 to port 80.
>
> ipfw add 100 fwd 127.0.0.1,8800 tcp from any to any 80 in
>
> > dmesg:
> > ...
> > Trying to mount root from ufs:/dev/ad8s1a
> > ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled,
> > default to deny, logging disabled
>
> This line should have said "rule-based forwarding enabled" if
> IPFIREWALL_FORWARD was in your kernel config.
>
> --
>        Dan Nelson
>        dnelson@allantgroup.com
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bf0f1bc90610131011i7c196bf4yb8e27462680a730e>