Date:      Wed, 3 Sep 1997 08:43:10 -0500 (CDT)
From:      Kent Hamilton <kenth@HNS.St-Louis.Mo.US>
To:        freebsd-hackers@freebsd.org
Subject:   ipfw problem in 2.2.2
Message-ID:  <199709031343.IAA25280@gwydion.hns.st-louis.mo.us>

Hmmm, I thought I sent this last night but I never saw it anywhere so
I'll try again....

I'm trying to use ipfw for the first time, and I've done the following:
  1.  Rebuild the kernel with:
      options	IPFIREWALL
      options	IPFIREWALL_VERBOSE
      options	IPDIVERT
      options	"IPFIREWALL_VERBOSE_LIMIT=50"
  2.  Changed rc.conf to firewall="simple"
  3.  Heavily modified rc.firewall
  4.  Reboot the box.

As soon as I try to load rules I get this:
/sbin/ipfw add 100 divert natd all from any to any via vx0
00100 ... rule here
ip_fw_ctl: neither in or out
[IP_FW_CTL] Invalid Argument

(I may have the syntax of the second error line wrong since
I'm doing it from memory and I don't have root access to the
machine remotely to test it.)

Can someone please tell me what I have wrong?  I get the same
error no matter what rule I try to add.

The configuration of the machine is:

Pentium 166 w/32MB RAM
FreeBSD-2.2.2
3 3Com XL cards
  vx0 - External Interface Class C address with subnet of 255.255.255.192
  vx1 - DMZ Interface Class C address with subnet of 255.255.255.192
  vx2 - Internal Interface using 172.16 internal addresses.

Suggestions on my stupid mistake happily accepted since I need this box
up asap....

-- 
Kent Hamilton                      Play:  KentH@HNS.St-Louis.MO.US
NIC Handle: KH91                    URL:  http://www2.hunter.com/~skh/
Blessed Be....                     Work:  KHamilton@Hunter.COM


