Date: Wed, 24 Oct 2001 09:47:04 +0200 From: "Patrick O'Reilly" <patrick@mip.co.za> To: "Diego" <diego@bcgames.com.br>, <freebsd-questions@FreeBSD.ORG> Subject: RE: problem with ip_fw_ctl! Message-ID: <NDBBIMKICMDGDMNOOCAIAEAGDMAA.patrick@mip.co.za> In-Reply-To: <000001c15c46$b88562e0$b7ddbfc8@drean>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_00C9_01C15C70.D698B870 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit Diego, Did you also add: options IPDIVERT to your kernel config? My kernel config for firewalls is usually like so: options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #print information about options IPFIREWALL_FORWARD #enable transparent proxy support options IPDIVERT #divert sockets options DUMMYNET See LINT. Regards, Patrick. -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Diego Sent: 24 October 2001 06:45 To: freebsd-questions@FreeBSD.ORG Subject: problem with ip_fw_ctl! I need help i recompile my kernel with all options about FIREWALL...but ipdivert and forward not work, send this message Oct 24 02:14:09 bcgames /kernel: ip_fw_ctl: invalid command My sysctl: kern.maxfiles: 32808 kern.maxfilesperproc: 32808 net.inet.ip.maxfragpackets: 4224 kern.maxusers: 1024 -> I find that he is correct I do not know more what to make! thank´s I wait reply ------=_NextPart_000_00C9_01C15C70.D698B870 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META content=3D"text/html; charset=3Diso-8859-1" = http-equiv=3DContent-Type> <META content=3D"MSHTML 5.00.3103.1000" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20 class=3D781544207-24102001>Diego,</SPAN></FONT></DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20 class=3D781544207-24102001></SPAN></FONT> </DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN = class=3D781544207-24102001>Did=20 you also add:</SPAN></FONT></DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20 class=3D781544207-24102001>options &nb= sp; =20 IPDIVERT</SPAN></FONT></DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN = class=3D781544207-24102001>to=20 your kernel config?</SPAN></FONT></DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20 class=3D781544207-24102001></SPAN></FONT> </DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN = class=3D781544207-24102001>My=20 kernel config for firewalls is usually like so:</SPAN></FONT></DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20 class=3D781544207-24102001>options &nb= sp; =20 IPFIREWALL =20 &= nbsp; =20 #firewall<BR>options =20 IPFIREWALL_VERBOSE #print information=20 about<BR>options =20 IPFIREWALL_FORWARD #enable transparent proxy=20 support<BR>options =20 IPDIVERT  = ; =20 #divert=20 sockets<BR>options =20 DUMMYNET<BR></SPAN></FONT></DIV><FONT color=3D#0000ff face=3DArial = size=3D2><SPAN=20 class=3D781544207-24102001> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN = class=3D781544207-24102001>See=20 LINT.</SPAN></FONT></DIV> <DIV> </DIV> <DIV>Regards,</SPAN></FONT></DIV> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20 class=3D781544207-24102001>Patrick.</DIV></SPAN></FONT> <BLOCKQUOTE=20 style=3D"BORDER-LEFT: #0000ff 2px solid; MARGIN-LEFT: 5px; MARGIN-RIGHT: = 0px; PADDING-LEFT: 5px"> <DIV align=3Dleft class=3DOutlookMessageHeader dir=3Dltr><FONT = face=3DTahoma=20 size=3D2>-----Original Message-----<BR><B>From:</B>=20 owner-freebsd-questions@FreeBSD.ORG=20 [mailto:owner-freebsd-questions@FreeBSD.ORG]<B>On Behalf Of=20 </B>Diego<BR><B>Sent:</B> 24 October 2001 06:45<BR><B>To:</B>=20 freebsd-questions@FreeBSD.ORG<BR><B>Subject:</B> problem with=20 ip_fw_ctl!<BR><BR></DIV></FONT> <DIV><FONT face=3DArial size=3D2>I need help i recompile my = kernel with all=20 options about FIREWALL...but ipdivert and forward not work, send this=20 message</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial size=3D2>Oct 24 02:14:09 bcgames /kernel: = ip_fw_ctl:=20 invalid command</FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial size=3D2>My sysctl:</FONT></DIV> <DIV><FONT face=3DArial size=3D2>kern.maxfiles: = 32808<BR>kern.maxfilesperproc:=20 32808<BR>net.inet.ip.maxfragpackets: 4224</FONT></DIV> <DIV><FONT face=3DArial size=3D2>kern.maxusers: 1024</FONT></DIV> <DIV><FONT face=3DArial size=3D2>-> I find that he is = correct<BR></FONT></DIV> <DIV> </DIV> <DIV><FONT face=3DArial size=3D2>I do not know more what to = make!</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>thank=B4s</FONT></DIV> <DIV><FONT face=3DArial size=3D2> </FONT></DIV> <DIV><FONT face=3DArial size=3D2>I wait=20 reply<BR><BR></DIV></BLOCKQUOTE></FONT></BODY></HTML> ------=_NextPart_000_00C9_01C15C70.D698B870-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NDBBIMKICMDGDMNOOCAIAEAGDMAA.patrick>