From owner-freebsd-hackers Thu Feb 8 20:03:44 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id UAA26385 for hackers-outgoing; Thu, 8 Feb 1996 20:03:44 -0800 (PST) Received: from anacreon.sol.net (anacreon.sol.net [206.55.64.116]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id UAA26378 for ; Thu, 8 Feb 1996 20:03:39 -0800 (PST) Received: from solaria.sol.net (solaria.sol.net [206.55.65.75]) by anacreon.sol.net (8.6.12/8.6.12) with ESMTP id WAA19231; Thu, 8 Feb 1996 22:03:13 -0600 Received: from localhost by solaria.sol.net (8.5/8.5) id WAA11721; Thu, 8 Feb 1996 22:04:22 -0600 From: Joe Greco Message-Id: <199602090404.WAA11721@solaria.sol.net> Subject: Re: IPFW Accounting problem (Yes, again.....) To: turetta@stylo.it (Angelo Turetta) Date: Thu, 8 Feb 96 22:04:20 CST Cc: freebsd-hackers@FreeBSD.ORG In-Reply-To: from "Angelo Turetta" at Feb 8, 96 09:53:54 pm X-Mailer: ELM [version 2.4dev PL65] MIME-Version: 1.0 Content-Type: text Sender: owner-hackers@FreeBSD.ORG Precedence: bulk > > > Well, it's my third attempt on the lists with this subject, I hope this time > someone will try to understand what my problem actually is. > > I'm running 2.0.5R as a router, linking the company LAN to the internet via > a dedicated ppp V34 connection (BTW, thanks to Doug Rabson, I've compiled > the -current version of IIJPPP and it hangs no more on heavy outgoing > traffic: all 2.0.5 users should update their ppp). > > I'm trying to use ipfw accounting capabilities to monitor the line usage by > workstation, but every time I try to manipulate the rules, I get the > infamous: > > ipfw: setsockopt failed. > > (I remember someone suggested adding some more diagnostic output to error > messages, I agree :-) > No matter what command, I tried 'ipfw f', 'ipfw adda bidirectional all from > 0/0 to 0/0 via 194.21.207.250', and others without any luck: only 'ipfw l' > works :-( > > Joe Greco confirmed that he got accounting to work on 2.0.5R, so there must > be some option missing (or conflicting) in my kernel configuration. > Anyone can please look at it, and maybe help me make some sense out of this? Your configuration looked OK to me. The following is what I am using on gateway.inr.sol.net: --------------------------------------------------------------- # # ROUTER_ET -- Generic machine with WD/AHx/NCR/BTx family disks # # ROUTER_ET,v 1.45.2.3 1995/06/05 21:50:41 jkh Exp # machine "i386" cpu "I386_CPU" cpu "I486_CPU" cpu "I586_CPU" ident "ROUTER_ET" maxusers 16 options MATH_EMULATE #Support for x87 emulation options INET #InterNETworking options FFS #Berkeley Fast Filesystem options NFS #Network Filesystem #options MSDOSFS #MSDOS Filesystem #options "CD9660" #ISO 9660 Filesystem options PROCFS #Process filesystem options "COMPAT_43" #Compatible with BSD 4.3 options "SCSI_DELAY=15" #Be pessimistic about Joe SCSI device options BOUNCE_BUFFERS #include support for DMA bounce buffers options UCONSOLE #Allow users to grab the console options GATEWAY #internetwork gateway options MROUTING # Multicast routing options IPFIREWALL #firewall options IPACCT #ipaccounting config kernel root on wd0 controller isa0 controller pci0 controller fdc0 at isa? port "IO_FD1" bio irq 6 drq 2 vector fdintr disk fd0 at fdc0 drive 0 disk fd1 at fdc0 drive 1 #tape ft0 at fdc0 drive 2 controller wdc0 at isa? port "IO_WD1" bio irq 14 vector wdintr disk wd0 at wdc0 drive 0 #disk wd1 at wdc0 drive 1 #controller wdc1 at isa? port "IO_WD2" bio irq 15 vector wdintr #disk wd2 at wdc1 drive 0 #disk wd3 at wdc1 drive 1 #controller ncr0 #controller ahc0 #controller bt0 at isa? port "IO_BT0" bio irq ? vector btintr #controller uha0 at isa? port "IO_UHA0" bio irq ? drq 5 vector uhaintr #controller ahc1 at isa? bio irq ? vector ahcintr #controller ahb0 at isa? bio irq ? vector ahbintr #controller aha0 at isa? port "IO_AHA0" bio irq ? drq 5 vector ahaintr #controller aic0 at isa? port 0x340 bio irq 11 vector aicintr #controller nca0 at isa? port 0x1f88 bio irq 10 vector ncaintr #controller nca1 at isa? port 0x350 bio irq 5 vector ncaintr #controller sea0 at isa? bio irq 5 iomem 0xc8000 iosiz 0x2000 vector seaintr #controller scbus0 #device sd0 #device st0 #device cd0 #Only need one of these, the code dynamically grows #device wt0 at isa? port 0x300 bio irq 5 drq 1 vector wtintr #device mcd0 at isa? port 0x300 bio irq 10 vector mcdintr #device mcd1 at isa? port 0x340 bio irq 11 vector mcdintr #controller matcd0 at isa? port ? bio #device scd0 at isa? port 0x230 bio # syscons is the default console driver, resembling an SCO console device sc0 at isa? port "IO_KBD" tty irq 1 vector scintr # Enable this and PCVT_FREEBSD for pcvt vt220 compatible console driver #device vt0 at isa? port "IO_KBD" tty irq 1 vector pcrint #options "PCVT_FREEBSD=210" # pcvt running on FreeBSD 2.1 #options XSERVER # include code for XFree86 device npx0 at isa? port "IO_NPX" irq 13 vector npxintr device sio0 at isa? port "IO_COM1" tty irq 4 vector siointr device sio1 at isa? port "IO_COM2" tty irq 3 vector siointr device sio2 at isa? port "IO_COM3" tty irq 5 vector siointr device sio3 at isa? port "IO_COM4" tty irq 9 vector siointr device lpt0 at isa? port? tty irq 7 vector lptintr device lpt1 at isa? port? tty device lpt2 at isa? port? tty # Order is important here due to intrusive probes, do *not* alphabetize # this list of network interfaces until the probes have been fixed. # Right now it appears that the ie0 must be probed before ep0. See # revision 1.20 of this file. #device de0 device ed0 at isa? port 0x280 net irq 5 iomem 0xd8000 vector edintr device ed1 at isa? port 0x300 net irq 5 iomem 0xd8000 vector edintr device ed2 at isa? port 0x320 net irq 5 iomem 0xd8000 vector edintr device ed3 at isa? port 0x340 net irq 5 iomem 0xd8000 vector edintr device ed4 at isa? port 0x360 net irq 5 iomem 0xd8000 vector edintr #device ie0 at isa? port 0x360 net irq 7 iomem 0xd0000 vector ieintr device ep0 at isa? port 0x300 net irq 10 vector epintr #device ix0 at isa? port 0x300 net irq 10 iomem 0xd0000 iosiz 32768 vector ixintr #device le0 at isa? port 0x300 net irq 5 iomem 0xd0000 vector le_intr #device lnc0 at isa? port 0x280 net irq 10 drq 0 vector lncintr #device lnc1 at isa? port 0x300 net irq 10 drq 0 vector lncintr #device ze0 at isa? port 0x300 net irq 5 iomem 0xd8000 vector zeintr #device zp0 at isa? port 0x300 net irq 10 iomem 0xd8000 vector zpintr device eth0 at isa? port 0x240 net irq 5 iomem 0xd0000 iosiz 0x8000 vector ethintr pseudo-device loop pseudo-device ether pseudo-device log pseudo-device sl 4 # ijppp uses tun instead of ppp device pseudo-device ppp 4 pseudo-device tun 4 pseudo-device bpfilter 16 #Berkeley packet filter pseudo-device pty 16 pseudo-device gzip # Exec gzipped a.out's --------------------------------------------------------------- Note that the "eth0" device is ET's sync serial card. You won't have this driver... other than that, this should be workable for you. ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847