From owner-freebsd-questions  Sun Nov  4 15:40:58 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from mail12.speakeasy.net (mail12.speakeasy.net [216.254.0.212])
	by hub.freebsd.org (Postfix) with ESMTP id F0B2837B416
	for <questions@FreeBSD.ORG>; Sun,  4 Nov 2001 15:40:55 -0800 (PST)
Received: (qmail 90512 invoked from network); 4 Nov 2001 23:40:53 -0000
Received: from unknown (HELO z5w4q9) ([66.92.216.5]) (envelope-sender <jasonc@concentric.net>)
          by mail12.speakeasy.net (qmail-ldap-1.03) with SMTP
          for <ziccardi@digitalfreaks.org>; 4 Nov 2001 23:40:53 -0000
Message-ID: <00ed01c16589$db05cd40$05d85c42@kibserv.org>
From: "Jason Cribbins" <jasonc@concentric.net>
To: "Chad Ziccardi" <ziccardi@digitalfreaks.org>
Cc: "Nick Rogness" <nick@rogness.net>, <questions@FreeBSD.ORG>
References: <20011104182830.E29105-100000@digitalfreaks.org>
Subject: Re: Unable to get natd/ipfw to work properly
Date: Sun, 4 Nov 2001 18:38:48 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

> On Sun, 4 Nov 2001, Jason Cribbins wrote:
>
> > I rebuilt the kernel using the directions found on
> >
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html
> > using the "traditional" method since the "new" method wouldn't work
> > correctly.
> > I have confirmed the new kernel ident is displayed upon bootup.
> >
> > Now I am back top this again
> > IP packet filtering initialized, divert disabled, rule-based forwarding
> > disabled
> > , default to deny, logging disabled
> >
> > and this as well.
> > 7:58pm mail:~ # ipfw add divert natd all from any to any via lnc0
> > ipfw: getsockopt(IP_FW_ADD): Invalid argument
> > 7:58pm mail:~ #
>
> See the "divert disabled" that's why divert isn't working.
>
But I have options IPDIVERT in my kernel config when I compiled it earlier
today.  I am still compileing another with IPDIVERT and IPFIREWALL.  Only
time will tell if this is what I need or if its something else.

> Also if you've cvsup'd recently and didn't upgrade teh ipfw binary with
teh
> kernel, better do that.
>
I am unable to do cvs on this machine... The last time I tried it ran for
hours then suddenly ran short of disk space.  Apparently one needs huge
amounts of wasted space on a HD in order to do a make world.  I only have a
520MB SCSI in most of 486 and 586 machines here.  Networking on a budget,
which is why I run BSD and not NT.
>
>
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message