Date: Fri, 6 Oct 2000 11:04:03 -0700 (PDT) From: ecffang@yahoo.com To: freebsd-gnats-submit@FreeBSD.org Subject: kern/21786: ipfw divert broken after upgraded from 4.1 to 4.1.1 Message-ID: <20001006180403.269C637B66E@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 21786
>Category: kern
>Synopsis: ipfw divert broken after upgraded from 4.1 to 4.1.1
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Oct 06 11:10:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Eric
>Release: 4.1.1-RELEASE and RELENG_4
>Organization:
personal
>Environment:
FreeBSD <hostname> 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE #0: Tue Sep 26 00:46 :59 GMT 2000 jkh@narf.osd.bsdi.com:/usr/src/sys/compile/GENERIC i386
>Description:
I cvsup 4.1 to 4.11 using make buildworld, buildkernel/installkernel and installworld. Kernel config file is only GENERIC plus IPDIVERT and IPFIREWALL.
'ipfw list' doesn't show the divert line even rc.conf specified it. Boot up messages showed:
ipfw: setsockopt(IP_FW_ADD): Invalid argument
By mimicking rc.firewall and do:
ipfw add 50 divert natd all from any to any via xl0
It shows the same thing above.
Thought it's the old config files somewhere conflict with the new ones,
so I backed up everything, wiped the disk and installed fresh copy from the 4.1.1-RELEASE cdrom.
Same results. Seems like IPFIREWALL and IPDIVERT combo don't work anymore.
After the clean cdrom installation, the src can't be compiled correctly even with the original GENERIC while the original 4.1 supped 4.11 src could be compiled correctly:
make buildkernel KERNEL=GENERIC
data" {.data section} - "KERNBASE" {*UND* section} at file address 1535.
/tmp/ccl41249.s:2462: Error: Subtraction of two symbols in different sections "IdlePTD" {.data section} - "KERNBASE" {*UND* section} at file address 1554.
/tmp/ccl41249.s:2465: Error: Subtraction of two symbols in different sections "IdlePTD" {.data section} - "KERNBASE" {*UND* section} at file address 1577.
/tmp/ccl41249.s:2468: Error: Subtraction of two symbols in different sections "IdlePTD" {.data section} - "KERNBASE" {*UND* section} at file address 1596.
*** Error code 1
Stop in /usr/obj/usr/src/sys/GENERIC.
*** Error code 1
Stop in /usr/src.
*** Error code 1
Note: 4.1 works fine with natd and ipfw divert. xl0 is my outside interface with ifconfig_xl0="DHCP" (cable modem). I'll cvsup the latest stable and see what happens.
>How-To-Repeat:
1. Install 4.1.1-release iso cdrom with full src.
2. Configured rc.conf with natd "yes", firewall "YES" "open", gateway_enable="YES" and of course configured both network interfaces.
3. Reboot
4. divert line in rc.firewall doesn't work
5. cd /usr/src/sys/i386/conf; cp GENERIC TEST; add "options IPFIREWALL" and "options IPDIVERT" to TEST.
6. cd /usr/src; make buildkernel KERNEL=TEST --- failed
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001006180403.269C637B66E>