From owner-freebsd-ipfw Sun Aug 4 5:20:18 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2E6DC37B400 for ; Sun, 4 Aug 2002 05:20:12 -0700 (PDT) Received: from relay02.esat.net (relay02.esat.net [192.111.39.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id A79E943E42 for ; Sun, 4 Aug 2002 05:20:11 -0700 (PDT) (envelope-from phil@ipac.ie) Received: from ipac-gw.cr001.ddm.esat.net (mail.rfc-networks.ie) [193.95.188.30] by relay02.esat.net with esmtp id 17bKMk-00072B-00; Sun, 04 Aug 2002 13:20:10 +0100 Received: from tear.domain (unknown [10.0.1.254]) by mail.rfc-networks.ie (Postfix) with ESMTP id 3BF4E54834 for ; Sun, 4 Aug 2002 12:24:08 +0100 (IST) Received: by tear.domain (Postfix, from userid 1000) id AA83221146; Sun, 4 Aug 2002 13:21:13 +0000 (GMT) Date: Sun, 4 Aug 2002 13:21:13 +0000 From: Philip Reynolds To: freebsd-ipfw@freebsd.org Subject: Re: divert not working in 4.6.1-RELEASE-p7 ??? Message-ID: <20020804132113.C3361@rfc-networks.ie> Reply-To: philip.reynolds@rfc-networks.ie References: <200208041047.04043.duncan.young@pobox.com> <20020804131809.B3361@rfc-networks.ie> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020804131809.B3361@rfc-networks.ie>; from philip.reynolds@rfc-networks.ie on Sun, Aug 04, 2002 at 01:18:09PM +0000 X-Operating-System: FreeBSD 4.6-STABLE X-URL: http://www.rfc-networks.ie Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Philip Reynolds 27 lines of wisdom included: > Duncan Young 21 lines of wisdom included: > > Hi all, > > > > I did have ipfw working fine, but since a recent patch upgrade I am getting > > the following error when I add my divert rules: > > > > i.e. from the command line: > > > > toyo# ipfw 2000 add divert natd all from any to any in via sis0 > > ipfw: getsockopt(IP_FW_ADD): Invalid argument > > > > Has anyone any idea's on why it's occurring? > > > > Any suggestions would be appreciated. > > Are you sure you are not using the loadable module of IPFW which > does not support divert sockets. > > Just in case, double check that kldstat does _not_ show ipfw.ko Sorry for replying to my own mail, but the two lines you should have in your configuration for divert sockets are: options IPFIREWALL options IPDIVERT Make sure you are running your custom kernel and not GENERIC (``uname -v'') Is it purely the divert lines which are failing. Also, what patch upgrade did you do, and what version of FreeBSD are you running? -- Philip Reynolds | Technical Director philip.reynolds@rfc-networks.ie | RFC Networks Ltd. http://www.rfc-networks.ie | +353 (0)1 8832063 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message