From owner-freebsd-questions Tue Oct 20 10:35:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA11296 for freebsd-questions-outgoing; Tue, 20 Oct 1998 10:35:09 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from neale.econ.vt.edu (neale.econ.vt.edu [128.173.173.159]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA11285 for ; Tue, 20 Oct 1998 10:35:03 -0700 (PDT) (envelope-from rdmurphy@neale.econ.vt.edu) Received: (from rdmurphy@localhost) by neale.econ.vt.edu (8.8.8/8.8.8) id NAA00622; Tue, 20 Oct 1998 13:35:30 -0400 (EDT) (envelope-from rdmurphy) Date: Tue, 20 Oct 1998 13:35:30 -0400 (EDT) Message-Id: <199810201735.NAA00622@neale.econ.vt.edu> From: "Russell D. Murphy" To: dwhite@resnet.uoregon.edu CC: FreeBSD-Questions@FreeBSD.ORG In-reply-to: (message from Doug White on Tue, 20 Oct 1998 09:33:38 -0700 (PDT)) Subject: Re: natd setup Reply-to: rdmurphy@vt.edu Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG | Date: Tue, 20 Oct 1998 09:33:38 -0700 (PDT) | From: Doug White | Can you do a 'uname -a'? Sure: neale [rdmurphy]% uname -a FreeBSD neale.econ.vt.edu 2.2.7-STABLE FreeBSD 2.2.7-STABLE #0: Tue Oct 20 11:45:57 EDT 1998 rdmurphy@neale.econ.vt.edu:/usr/src/sys/compile/NEALE i386 I was just trying out some more things this morning. It seems that ipfw is complaining whenever I try to add a rule: neale# ipfw -f flush Flushed all rules. neale# ipfw add divert natd all from any to any via de0 00000 divert 8668 ip from any to any via de0 ipfw: setsockopt(IP_FW_ADD): Invalid argument neale# ifconfig de0 de0: flags=8843 mtu 1500 inet 128.173.173.159 netmask 0xfffffc00 broadcast 128.173.175.255 ether 00:00:f8:07:d4:a0 media: autoselect (10baseT/UTP) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP IPDIVERT is still enabled: neale# strings /kernel | grep __options | grep IP ___options IPFIREWALL #firewall ___options IPFIREWALL_VERBOSE #print information about ___options "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity ___options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything ___options IPDIVERT #divert sockets Thanks for any suggestions you can give. Russ | On Sat, 17 Oct 1998, Russell D. Murphy wrote: | | > | > This doesn't seem to do it, since the kernel is current and includes | > IPDIVERT: | > | > neale [rdmurphy]% ls -l /kernel | > -r-xr-xr-x 1 root wheel 1253338 Oct 15 17:28 /kernel | > neale [rdmurphy]% grep IP /usr/src/sys/i386/conf/NEALE | > options IPFIREWALL #firewall | > options IPFIREWALL_VERBOSE #print information about | > options "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity | > options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default | > options IPDIVERT #divert sockets | | > | Date: Fri, 16 Oct 1998 14:19:48 -0700 (PDT) | > | From: Doug White | > | | > | On Fri, 16 Oct 1998, Russell D. Murphy wrote: | > | | > | > | > | > I'm trying to set up natd, but am getting the following errors | > | > from ipfw: | > | > | > | > ---------- | > | > 00000 divert 8668 ip from any to any via de0 | > | > ipfw: setsockopt(IP_FW_ADD): Invalid argument | > | > 00000 allow ip from any to any | > | > ipfw: setsockopt(IP_FW_ADD): Invalid argument | > | > ---------- | > | > | > | > These arise from either interactive invocation or rc.firewall. | > | > Can anyone help? | > | | > | You need to build a kernel with | > | | > | options IPDIVERT | > | | > | Or you need to boot the kernel you built with IPDIVERT :) also try | > | | > | /dev/MAKEDEV ipfw0 | | Doug White | Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve | http://gladstone.uoregon.edu/~dwhite | www.freebsd.org | | ----- Russell D. Murphy Department of Economics Virginia Polytechnic Institute and State University 3034 Pamplin Hall Blacksburg, Virginia 24061-0316 (540) 231-4537 rdmurphy@vt.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message