From owner-freebsd-questions Wed Oct 24 0:46: 8 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mip.co.za (puck.mip.co.za [209.212.106.44]) by hub.freebsd.org (Postfix) with ESMTP id 12BC737B401 for ; Wed, 24 Oct 2001 00:45:31 -0700 (PDT) Received: from patrick (patrick.mip.co.za [10.3.13.181]) by mip.co.za (8.9.3/8.9.3) with SMTP id JAA62665; Wed, 24 Oct 2001 09:43:38 +0200 (SAST) (envelope-from patrick@mip.co.za) From: "Patrick O'Reilly" To: "Diego" , Subject: RE: problem with ip_fw_ctl! Date: Wed, 24 Oct 2001 09:47:04 +0200 Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_00C9_01C15C70.D698B870" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 In-Reply-To: <000001c15c46$b88562e0$b7ddbfc8@drean> Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. ------=_NextPart_000_00C9_01C15C70.D698B870 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit Diego, Did you also add: options IPDIVERT to your kernel config? My kernel config for firewalls is usually like so: options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #print information about options IPFIREWALL_FORWARD #enable transparent proxy support options IPDIVERT #divert sockets options DUMMYNET See LINT. Regards, Patrick. -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Diego Sent: 24 October 2001 06:45 To: freebsd-questions@FreeBSD.ORG Subject: problem with ip_fw_ctl! I need help i recompile my kernel with all options about FIREWALL...but ipdivert and forward not work, send this message Oct 24 02:14:09 bcgames /kernel: ip_fw_ctl: invalid command My sysctl: kern.maxfiles: 32808 kern.maxfilesperproc: 32808 net.inet.ip.maxfragpackets: 4224 kern.maxusers: 1024 -> I find that he is correct I do not know more what to make! thank´s I wait reply ------=_NextPart_000_00C9_01C15C70.D698B870 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Diego,
 
Did=20 you also add:
options      &nb= sp; =20 IPDIVERT
to=20 your kernel config?
 
My=20 kernel config for firewalls is usually like so:
options      &nb= sp; =20 IPFIREWALL     =20             &= nbsp;    =20 #firewall
options        =20 IPFIREWALL_VERBOSE      #print information=20 about
options        =20 IPFIREWALL_FORWARD     #enable transparent proxy=20 support
options        =20 IPDIVERT           = ;        =20         #divert=20 sockets
options        =20 DUMMYNET
See=20 LINT.
 
Regards,
Patrick.
-----Original Message-----
From:=20 owner-freebsd-questions@FreeBSD.ORG=20 [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of=20 Diego
Sent: 24 October 2001 06:45
To:=20 freebsd-questions@FreeBSD.ORG
Subject: problem with=20 ip_fw_ctl!

I need help i recompile my = kernel with all=20 options about FIREWALL...but ipdivert and forward not work, send this=20 message
 
Oct 24 02:14:09 bcgames /kernel: = ip_fw_ctl:=20 invalid command
 
My sysctl:
kern.maxfiles: = 32808
kern.maxfilesperproc:=20 32808
net.inet.ip.maxfragpackets: 4224
kern.maxusers: 1024
-> I find that he is = correct
 
I do not know more what to = make!
 
thank=B4s
 
I wait=20 reply

------=_NextPart_000_00C9_01C15C70.D698B870-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message