On 06/03/2011 14:23, Dave Johnson wrote:
An IPFW problem when going from release to stable on 8.2
An help gladly accepted
LOG ON
Flushed all rules.
00010 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
00030 divert 8668 ip from any to any via bge0
ipfw: getsockopt(IP_FW_ADD): Invalid argument
50000 allow ip from any to any
Firewall rules loaded.
Starting natd.
rc.conf
defaultrouter="192.168.0.1"
gateway_enable="YES"
hostname="xxx.xxx.xxx"
ifconfig_bge0="inet 192.168.0.11 netmask 255.255.255.0"
ifconfig_em0="inet 192.168.1.2 netmask 255.255.255.0"
keymap="us.iso"
moused_enable="YES"
sshd_enable="YES"
firewall_enable="YES"
firewall_script="/etc/rc.firewall"
natd_program="/sbin/natd"
natd_enable="YES"
natd_interface="bge0"
natd_flags="-f /etc/natd.conf"
dhcpd_enable="NO"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_ifaces="em0"
dhcpd_withumask="022"
... [additional config which doesn't further isolate the problem snipped] ...
It's a bug with the ipfw / natd startup scripts.
See:
http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/148137
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/148928
http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/153155
The latter has a patch to fix the problem.
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
