Date: Tue, 20 Oct 1998 13:35:30 -0400 (EDT) From: "Russell D. Murphy" <rdmurphy@vt.edu> To: dwhite@resnet.uoregon.edu Cc: FreeBSD-Questions@FreeBSD.ORG Subject: Re: natd setup Message-ID: <199810201735.NAA00622@neale.econ.vt.edu> In-Reply-To: <Pine.BSF.4.03.9810200933190.6354-100000@resnet.uoregon.edu> (message from Doug White on Tue, 20 Oct 1998 09:33:38 -0700 (PDT))
next in thread | previous in thread | raw e-mail | index | archive | help
| Date: Tue, 20 Oct 1998 09:33:38 -0700 (PDT)
| From: Doug White <dwhite@resnet.uoregon.edu>
| Can you do a 'uname -a'?
Sure:
neale [rdmurphy]% uname -a
FreeBSD neale.econ.vt.edu 2.2.7-STABLE FreeBSD 2.2.7-STABLE #0:
Tue Oct 20 11:45:57 EDT 1998
rdmurphy@neale.econ.vt.edu:/usr/src/sys/compile/NEALE i386
I was just trying out some more things this morning. It seems that
ipfw is complaining whenever I try to add a rule:
neale# ipfw -f flush
Flushed all rules.
neale# ipfw add divert natd all from any to any via de0
00000 divert 8668 ip from any to any via de0
ipfw: setsockopt(IP_FW_ADD): Invalid argument
neale# ifconfig de0
de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 128.173.173.159 netmask 0xfffffc00 broadcast 128.173.175.255
ether 00:00:f8:07:d4:a0
media: autoselect (10baseT/UTP) status: active
supported media: autoselect 100baseTX <full-duplex>
100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP
IPDIVERT is still enabled:
neale# strings /kernel | grep __options | grep IP
___options IPFIREWALL #firewall
___options IPFIREWALL_VERBOSE #print information about
___options "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity
___options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything
___options IPDIVERT #divert sockets
Thanks for any suggestions you can give.
Russ
| On Sat, 17 Oct 1998, Russell D. Murphy wrote:
|
| >
| > This doesn't seem to do it, since the kernel is current and includes
| > IPDIVERT:
| >
| > neale [rdmurphy]% ls -l /kernel
| > -r-xr-xr-x 1 root wheel 1253338 Oct 15 17:28 /kernel
| > neale [rdmurphy]% grep IP /usr/src/sys/i386/conf/NEALE
| > options IPFIREWALL #firewall
| > options IPFIREWALL_VERBOSE #print information about
| > options "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity
| > options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
| > options IPDIVERT #divert sockets
|
| > | Date: Fri, 16 Oct 1998 14:19:48 -0700 (PDT)
| > | From: Doug White <dwhite@resnet.uoregon.edu>
| > |
| > | On Fri, 16 Oct 1998, Russell D. Murphy wrote:
| > |
| > | >
| > | > I'm trying to set up natd, but am getting the following errors
| > | > from ipfw:
| > | >
| > | > ----------
| > | > 00000 divert 8668 ip from any to any via de0
| > | > ipfw: setsockopt(IP_FW_ADD): Invalid argument
| > | > 00000 allow ip from any to any
| > | > ipfw: setsockopt(IP_FW_ADD): Invalid argument
| > | > ----------
| > | >
| > | > These arise from either interactive invocation or rc.firewall.
| > | > Can anyone help?
| > |
| > | You need to build a kernel with
| > |
| > | options IPDIVERT
| > |
| > | Or you need to boot the kernel you built with IPDIVERT :) also try
| > |
| > | /dev/MAKEDEV ipfw0
|
| Doug White
| Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve
| http://gladstone.uoregon.edu/~dwhite | www.freebsd.org
|
|
-----
Russell D. Murphy
Department of Economics
Virginia Polytechnic Institute and State University
3034 Pamplin Hall
Blacksburg, Virginia 24061-0316
(540) 231-4537
rdmurphy@vt.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199810201735.NAA00622>