From owner-freebsd-questions Wed Sep 1 0:34:45 1999 Delivered-To: freebsd-questions@freebsd.org Received: from dv201s34.lawrence.ks.us (dv201s34.lawrence.ks.us [24.124.34.201]) by hub.freebsd.org (Postfix) with ESMTP id CA30814D96 for ; Wed, 1 Sep 1999 00:34:41 -0700 (PDT) (envelope-from chrisj@dv201s34.lawrence.ks.us) Received: from localhost (chrisj@localhost) by dv201s34.lawrence.ks.us (8.9.3/8.9.2) with ESMTP id CAA00546 for ; Wed, 1 Sep 1999 02:34:48 -0500 (CDT) (envelope-from chrisj@dv201s34.lawrence.ks.us) Date: Wed, 1 Sep 1999 02:34:48 -0500 (CDT) From: Chris To: freebsd-questions@freebsd.org Subject: natd & ipfw Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG in tring to setup my internal network i've ran into some problems with ipfw. everything was working with it fine untill i added the second ethernet card. everything for the internal and external cards are configured. from my fbsd box (the firewall and gateway) i can ping both my internal ips and also external. Where i am run into the real problem is in tring to get ipfw to divert packets to natd and my subnet or really do anything at all now. all of the rules that i had been able to load before now load with errors somewhat like this ipfw: setsockopt(IP_FW_ADD): Invalid argument 00300 allow ip from 24.124.34.201 to 24.124.34.0/27 ipfw: setsockopt(IP_FW_ADD): Invalid argument 00400 allow ip from 24.124.34.0/27 to 24.124.34.201 ipfw: setsockopt(IP_FW_ADD): Invalid argument 00500 deny log tcp from any to 24.124.34.201 111 ipfw: setsockopt(IP_FW_ADD): Invalid argument from my kernel config file i have options IPFIREWALL #firewall support options IPFIREWALL_VERBOSE #firewall logging support options "IPFIREWALL_VERBOSE_LIMIT=100" #limit logging options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT uname -a FreeBSD dv201s34.lawrence.ks.us 3.2-STABLE FreeBSD 3.2-STABLE #0: Tue Aug 31 17:56:29 CDT 1999 chrisj@dv201s34.lawrence.ks.us:/usr/src/sys/compile/OUTCAST i386 i was thinking that perhaps my ipfw code was out of sink with the filtering code in the kernel i've cvsup'd and rebuild the kernel sence then but have not done a make world. i've tried to reinstall ipfw from the src but the make always dies complaning about erros in the ipfw.c file. any thoughts would be great thanks chris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message