From owner-freebsd-ipfw@FreeBSD.ORG Mon Apr 21 09:14:45 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A5AA37B404 for ; Mon, 21 Apr 2003 09:14:45 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id D318B43FEA for ; Mon, 21 Apr 2003 09:14:44 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h3LGEiBp028862; Mon, 21 Apr 2003 09:14:44 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h3LGEiYL028861; Mon, 21 Apr 2003 09:14:44 -0700 (PDT) (envelope-from rizzo) Date: Mon, 21 Apr 2003 09:14:44 -0700 From: Luigi Rizzo To: vlad Message-ID: <20030421091444.A23150@xorpc.icir.org> References: <7354444376.20030421230303@sas.nsk.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <7354444376.20030421230303@sas.nsk.su>; from vlad@sas.nsk.su on Mon, Apr 21, 2003 at 11:03:03PM +0700 cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw in freebsd 4.7 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2003 16:14:45 -0000 you are trying to use an IPFW2 option. You need to put "options IPFW2" in your kernel config file, and rebuild /sbin/ipfw with "make -DIPFW2" (and also upgrade kernel and sources to a recent RELENG_4 because there were several bugfix since 4.7) cheers luigi On Mon, Apr 21, 2003 at 11:03:03PM +0700, vlad wrote: > Hello! > > I have FreeBSD 4.7 installed. > I need to add this rule into firewall: > ipfw add divert 10000 ip from {not a.b.c.d/nn or not e.f.g.h/yy} to > i.j.k.l/zz via ed0 > > but ipfw answers me: > host '{' is unknown. > I readed man page about grouping carefull, but cannot add this rule > into firewall table. > > Can anyone explain this ipfw behavior? > I cannot split this rule into two separated... > waiting yours solution. > > Please, make copy of your answer to my email. > -- > Best regards, > vlad mailto:vlad@sas.nsk.su > > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"