Greetings!
I am having a problem trying to get IPDIVERT to
take..
I have setup my kernel conf to include the
following lines
options IPFIREWALL
options IPDIVERT
I have the nic configured and running just fine,
for both local LAN and for internet (both of my NICs are plugged into the same
switch for now)
My /etc/rc.conf has
gateway_enable="YES"
firewall_enable="YES"
natd_enable="YES"
Every time I boot the server I get a message saying
that IP Packet filtering is enabled, along with any other configuration I
specified (logging and such), but divert is always set to
disabled!?
I have gone to the point of building the kernel
with '-DIPDIVERT' and still getting the same results...
The main effect of this problem is of course that I
get an error when I try to apply the following rule to my firewall
'ipfw add divert natd all from any to any via fxp0'
The error is...
ip_fw_ctl: invalid command
ipfw: getsockopt(IP_FW_ADD): Invalid argument
I have checked and natd is in the services list and
seems to be configured properly.
I have been searching for the answer for about 3
days now with little luck finding the answer.
The only thing I can think of is that there is some
other kernel option that I am enabling that is causing this problem, or perhaps
that there is something that I am missing?
I have included my config files here for review...

Kernel config file (I stripped out all of the comments for the sake of this
post)

machine i386
cpu I686_CPU
ident THE-SERVER
maxusers 256
options MATH_EMULATE
options INET
options FFS
options FFS_ROOT
options SOFTUPDATES
options UFS_DIRHASH
options MFS
options MD_ROOT
options NFS
options NFS_ROOT
options MSDOSFS
options CD9660
options CD9660_ROOT
options PROCFS
options COMPAT_43
options SCSI_DELAY=1000
options UCONSOLE
options USERCONFIG
options VISUAL_USERCONFIG
options KTRACE
options SYSVSHM
options SYSVMSG
options SYSVSEM
options P1003_1B
options _KPOSIX_PRIORITY_SCHEDULING
options ICMP_BANDLIM
options KBD_INSTALL_CDEV
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_FORWARD
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=50
options BRIDGE
options IPSTEALTH
options TCP_DROP_SYNFIN
options SMP
options APIC_IO
device isa
device eisa
device pci
device fdc0 at isa? port IO_FD1 irq 6 drq 2
device fd0 at fdc0 drive 0
device ata0 at isa? port IO_WD1 irq 14
device ata1 at isa? port IO_WD2 irq 15
device ata
device atadisk
device atapicd
device atapifd
options ATA_STATIC_ID
device ahb
device ahc
device amd
device isp
device ncr
device sym
options SYM_SETUP_LP_PROBE_MAP=0x40
device adv0 at isa?
device adw
device bt0 at isa?
device aha0 at isa?
device aic0 at isa?
device scbus
device da
device sa
device cd
device pass
device asr
device atkbdc0 at isa? port IO_KBD
device atkbd0 at atkbdc? irq 1 flags 0x1
device psm0 at atkbdc? irq 12
device vga0 at isa?
pseudo-device splash
device sc0 at isa? flags 0x100
device npx0 at nexus? port IO_NPX irq 13
device apm0 at nexus? disable flags 0x20
device sio0 at isa? port IO_COM1 flags 0x10 irq 4
device sio1 at isa? port IO_COM2 irq 3
device ppc0 at isa? irq 7
device ppbus
device lpt
device miibus
device fxp
pseudo-device loop
pseudo-device ether
pseudo-device pty
pseudo-device md
pseudo-device bpf
device uhci
device ohci
device usb
device ugen
device uhid
device ukbd
device ulpt
device umass
device ums
device uscanner
device urio
device aue
device cue
device kue

Here is the /etc/rc.conf

gateway_enable="YES"
inetd_enable="YES"
kern_securelevel_enable="NO"
linux_enable="YES"
moused_enable="NO"
nfs_reserved_port_only="YES"
sendmail_enable="YES"
sshd_enable="YES"
usbd_enable="YES"
ifconfig_fxp0="DHCP"
ifconfig_fxp1="inet 172.17.0.1 netmask 255.255.255.0"
hostname="The-Server.KnightRaven.com"
firewall_enable="YES"
firewall_type="open"
firewall_quiet="NO"
natd_enable="YES"
natd_flags="-f /etc/natd.conf"
natd_interface="fxp0"

Let me know if there are any other configuration files you need to look
at...
Any ideas or help is greatly appreciated!
Thank you!
Devon