Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 1 Sep 1999 02:34:48 -0500 (CDT)
From:      Chris <chrisj@dv201s34.lawrence.ks.us>
To:        freebsd-questions@freebsd.org
Subject:   natd & ipfw
Message-ID:  <Pine.BSF.4.10.9909010218210.503-100000@dv201s34.lawrence.ks.us>
next in thread | raw e-mail | index | archive | help 
in tring to setup my internal network i've ran into some problems with
ipfw. everything was working with it fine untill i added the second
ethernet card. everything for the internal and external cards are
configured. from my fbsd box (the firewall and gateway) i can ping both my
internal ips and also external. Where i am run into the real problem is in
tring to get ipfw to divert packets to natd and my subnet or really do
anything at
all now. all of the rules that i had been able to load before now load
with errors somewhat like this

ipfw: setsockopt(IP_FW_ADD): Invalid argument
00300 allow ip from 24.124.34.201 to 24.124.34.0/27
ipfw: setsockopt(IP_FW_ADD): Invalid argument
00400 allow ip from 24.124.34.0/27 to 24.124.34.201
ipfw: setsockopt(IP_FW_ADD): Invalid argument
00500 deny log tcp from any to 24.124.34.201 111
ipfw: setsockopt(IP_FW_ADD): Invalid argument

from my kernel config file i have

options         IPFIREWALL              #firewall support  
options         IPFIREWALL_VERBOSE      #firewall logging support
options         "IPFIREWALL_VERBOSE_LIMIT=100" #limit logging
options         IPFIREWALL_DEFAULT_TO_ACCEPT
options         IPDIVERT

uname -a 

FreeBSD dv201s34.lawrence.ks.us 3.2-STABLE FreeBSD 3.2-STABLE #0: Tue Aug
31 17:56:29 CDT 1999
chrisj@dv201s34.lawrence.ks.us:/usr/src/sys/compile/OUTCAST  i386

i was thinking that perhaps my ipfw code was out of sink with the
filtering code in the kernel i've cvsup'd and rebuild the kernel sence
then but have not done a make world. i've tried to reinstall ipfw from the
src but the make always dies complaning about erros in the ipfw.c file.

any thoughts would be great

thanks chris



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9909010218210.503-100000>