ipfw loads with forwarding disabled
Jon Falconer
jfalconer at puc.edu
Thu Jul 21 23:31:54 GMT 2005
I'm running FreeBSD 5.4-RELEASE. When I load ipfw.ko I get:
ipfw2 initialized, divert disabled, rule-based forwarding disabled,
default to deny, logging disabled
I want to use the forward action in the rule set, logging would be nice
too. When I try to add a rule which uses the forward action, I get:
Line 2: getsockopt(IP_FW_ADD): Invalid argument
and line 2 looks similar to:
add 1200 forward ##.##.##.1 src-ip ##.##.##.0/23 in recv dc1
At this point I'm guessing that "rule-based forwarding disabled" has
something to do with it no liking my rule. I tried adding "options
IPFIREWALL_FORWARD" to the kernel config and rebuilt the kernel. But I
still get the same message as above when loading ipfw (kernel module).
I've perused all the relevant sections of the handbook that I could find
without finding any more clues. What does it take to change the default
feature set of the ipfw kernel module? Or do I have to compile it into the
kernel to alter this?
Thanks for your suggestions,
Jon
More information about the freebsd-questions
mailing list