From owner-freebsd-ipfw Mon Aug 5 0:45:20 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 52A4037B400 for ; Mon, 5 Aug 2002 00:45:17 -0700 (PDT) Received: from mail.duncanyoung.com (pc-62-30-170-113-ca.blueyonder.co.uk [62.30.170.113]) by mx1.FreeBSD.org (Postfix) with ESMTP id B4AE843E6A for ; Mon, 5 Aug 2002 00:45:11 -0700 (PDT) (envelope-from duncan.young@pobox.com) Received: from toyo.int.duncanyoung.com (toyo-ext.int.duncanyoung.com [192.168.200.2]) by mail.duncanyoung.com (Postfix) with ESMTP id 7D346EF7 for ; Mon, 5 Aug 2002 08:44:59 +0100 (BST) Content-Type: text/plain; charset="iso-8859-1" From: Duncan Young Subject: Fwd: Re: divert not working in 4.6.1-RELEASE-p7 ??? Date: Mon, 5 Aug 2002 08:44:59 +0100 User-Agent: KMail/1.4.2 To: freebsd-ipfw@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <200208050844.59243.dunk@pobox.com> Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG uname -v: FreeBSD 4.6.1-RELEASE-p7 #1: Sat Aug 3 13:55:03 BST 2002 root@toyo.int.duncanyoung.com:/usr/obj/usr/src/sys/GENERIC My apologies, I feel a little foolish :-( Thanks for the help Duncan PS I've been using BSD only for a couple of months and think most of it is execelent. I'm used to ipfilter (on solaris). I think ipfw, except for the natd stuff/divert, seems easier to use. On Sunday 04 Aug 2002 2:21 pm, Philip Reynolds wrote: > Philip Reynolds 27 lines of wisdom included: > > Duncan Young 21 lines of wisdom included: > > > Hi all, > > > > > > I did have ipfw working fine, but since a recent patch upgrade I am > > > getting the following error when I add my divert rules: > > > > > > i.e. from the command line: > > > > > > toyo# ipfw 2000 add divert natd all from any to any in via sis0 > > > ipfw: getsockopt(IP_FW_ADD): Invalid argument > > > > > > Has anyone any idea's on why it's occurring? > > > > > > Any suggestions would be appreciated. > > > > Are you sure you are not using the loadable module of IPFW which > > does not support divert sockets. > > > > Just in case, double check that kldstat does _not_ show ipfw.ko > > Sorry for replying to my own mail, but the two lines you should have > in your configuration for divert sockets are: > > options IPFIREWALL > options IPDIVERT > > Make sure you are running your custom kernel and not GENERIC > (``uname -v'') > > Is it purely the divert lines which are failing. > > Also, what patch upgrade did you do, and what version of FreeBSD are > you running? ------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message