Date: Fri, 22 Jul 2005 03:02:26 +0300 From: Abu Khaled <khaled.abu@gmail.com> To: Jon Falconer <jfalconer@puc.edu> Cc: freebsd-questions@freebsd.org Subject: Re: ipfw loads with forwarding disabled Message-ID: <a64c109e0507211702482fd077@mail.gmail.com> In-Reply-To: <Pine.BSI.4.05L.10507211606530.19303-100000@ecf.puc.edu> References: <Pine.BSI.4.05L.10507211606530.19303-100000@ecf.puc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/22/05, Jon Falconer <jfalconer@puc.edu> wrote: > I'm running FreeBSD 5.4-RELEASE. When I load ipfw.ko I get: >=20 > ipfw2 initialized, divert disabled, rule-based forwarding disabled, > default to deny, logging disabled >=20 > I want to use the forward action in the rule set, logging would be nice > too. When I try to add a rule which uses the forward action, I get: >=20 > Line 2: getsockopt(IP_FW_ADD): Invalid argument >=20 > and line 2 looks similar to: >=20 > add 1200 forward ##.##.##.1 src-ip ##.##.##.0/23 in recv dc1 >=20 > At this point I'm guessing that "rule-based forwarding disabled" has > something to do with it no liking my rule. I tried adding "options > IPFIREWALL_FORWARD" to the kernel config and rebuilt the kernel. But I > still get the same message as above when loading ipfw (kernel module). > I've perused all the relevant sections of the handbook that I could find > without finding any more clues. What does it take to change the default > feature set of the ipfw kernel module? Or do I have to compile it into th= e > kernel to alter this? >=20 > Thanks for your suggestions, >=20 > Jon >=20 What value does sysctl net.inet.ip.forwarding has? #sysctl net.inet.ip.forwarding --=20 Regards. Abu Khaled
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a64c109e0507211702482fd077>