IPFW Rule

Chris Pratt eagletree at hughes.net
Sat Nov 22 06:02:42 PST 2008


On Nov 22, 2008, at 5:43 AM, Tom Marchand wrote:

>
> On Nov 21, 2008, at 6:25 PM, Wojciech Puchar wrote:
>
>>> I am trying to add a IPFW rule to forward traffic but I keep  
>>> getting the message "ipfw: getsockopt(IP_FW_ADD): Invalid  
>>> argument".  The rule I am trying to add looks like this:
>>>
>>> ipfw add 600 fwd 192.169.2.3, 6000 tcp from 192.169.2.3 to any 80
>>>
>>> I do have IP Forwarding enabled.  Any ideas what I am doing wrong?
>>
>> rule looks OK, but your message clearly suggest you DO NOT have IP  
>> forwarding enabled
>
> Interesting sysctl reports that forwarding is enabled:
>
> $ sysctl -a |grep forward
> net.inet.ip.forwarding: 1
>
> IP forwarding is enabled in GENERIC isn't it?  I am running 6.1- 
> RELEASE FreeBSD 6.1-RELEASE

I'm looking at a 6.2 box that does forwarding. The GENERIC
kernel does not have this line:

options IPFIREWALL_FORWARD

In my kernel, I am using that. Recollection is you need this
specified explicitly. I could be wrong.


> #0._______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions- 
> unsubscribe at freebsd.org"
>



More information about the freebsd-questions mailing list