Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 3 Aug 2009 02:36:02 -0700 (PDT)
From:      sailer <sailer.shen@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   "ioctl (SIOCIPFL6): input/output error." when start ipfilter at freebsd 7.2 x64
Message-ID:  <24787848.post@talk.nabble.com>

next in thread | raw e-mail | index | archive | help

This is my freebsd 7.2:
[code]
FreeBSD fbsd.test.com 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Mon Aug  3
06:40:56 UTC 2009    
root@vfbsd.shstorm.com:/usr/src/sys/amd64/compile/kernel_IPF  amd64
[/code]

In kenrel_IPF, I add these lines:
[code]
options IPFILTER
options IPFILTER_LOG
[/code]

Add these lines in /etc/rc.conf:
[code]
ipfilter_enable="YES"
ipfilter_program="/sbin/ipf"
ipfilter_rules="/etc/ipf.rules"
ipfilter_flags="-D"
ipmon_enable="YES"
ipmon_flags="-D /var/log/ipfilter.log"
[/code]

This is /etc/ipf.rules:
[code]
pass out quick on lo0 all
pass in quick on lo0 all

block in on re0 all
block out on re0 all

block in log quick all with short
block in log quick all with ipopts
block in log quick all with frag
block in log quick all with opt lsrr
block in log quick all with opt ssrr

pass in on re0 proto tcp from any to any port = 80 flags S/SA keep state
pass in on re0 proto tcp from any to any port = 22 flags S/SA keep state
pass in on re0 proto tcp from any to any port = ftp flags S/SA keep state

pass in on re0 proto tcp from any to any port = ftp-data flags S/SA keep
state
pass in on re0 proto tcp from any to any port 30000 >< 50001 flags S/SA keep
state
[/code]

When start system, it shows some error messages:
[code]
......
Enabling ipfilter
ioctl (SIOCIPFL6): input/output error.
......
[/code]

Who can help me?
-- 
View this message in context: http://www.nabble.com/%22ioctl-%28SIOCIPFL6%29%3A-input-output-error.%22-when-start-ipfilter-at-freebsd-7.2-x64-tp24787848p24787848.html
Sent from the freebsd-questions mailing list archive at Nabble.com.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?24787848.post>