i386/103233: ipfw forward does not work
remko at FreeBSD.org
Wed Sep 13 10:20:31 PDT 2006
The following reply was made to PR i386/103233; it has been noted by GNATS.
From: Remko Lodder <remko at FreeBSD.org>
To: Bobrov Alexey <alexey at bobroff.ru>
Cc: freebsd-gnats-submit at FreeBSD.org
Subject: Re: i386/103233: ipfw forward does not work
Date: Wed, 13 Sep 2006 19:11:54 +0200
Bobrov Alexey wrote:
>> Number: 103233
>> Category: i386
>> Synopsis: ipfw forward does not work
>> Confidential: no
>> Severity: critical
>> Priority: high
>> Responsible: freebsd-i386
>> State: open
>> Class: sw-bug
>> Submitter-Id: current-users
>> Arrival-Date: Wed Sep 13 16:20:22 GMT 2006
>> Originator: Bobrov Alexey
>> Release: FreeBSD 5.5-stable
> FreeBSD gate.club4x4.ru 5.5-STABLE FreeBSD 5.5-STABLE #0: Wed Sep 13 02:07:28 MSD 2006
> KERN ->options IPDIVERT
> options IPFIREWALL
> options IPFIREWALL_FORWARD
> options IPFIREWALL_FORWARD_EXTENDED
> rc.conf -> firewall_enable=yes gateway_enable=yes firewall_script=/etc/rc.fire
> ifconfig_fxp0="inet 192.168.100.4 netmask 255.255.255.0"
> rc.fire ->
> ipfw add 88 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any 80,81,8000
> ipfw add 89 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any 8001-9000
> ipfw show ->
> 00088 6034 410828 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any dst-port 80,81,8000
> 00089 3132 382127 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any dst-port 8001-9000
> But on machine 192.168.100.3 i'v got nothing - all config was accurate working on free 4.8 - 4.11. update was done through backup configuration (rc.conf & etc) then full new install & kernel reassembling - IPFW FWD doesn't work!
> see full description
> freebsd-i386 at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-i386-unsubscribe at freebsd.org"
I am sorry to tell you this but this is not a Problem (yet); perhaps
some syntax changed (which could imply a Problem in the documentation)
but I see this as a User question, can you please ask the Freebsd-ipfw
(ipfw at FreeBSD.org) group first what they do think about this?
is the URL you need.
p.s. I will close this PR after I submitted this text.
Remko Lodder ** remko at elvandar.org
FreeBSD ** remko at FreeBSD.org
/* Quis custodiet ipsos custodes */
More information about the freebsd-i386