i386/103233: ipfw forward does not work

Remko Lodder remko at FreeBSD.org
Wed Sep 13 10:20:31 PDT 2006 

The following reply was made to PR i386/103233; it has been noted by GNATS.

From: Remko Lodder <remko at FreeBSD.org>
To: Bobrov Alexey <alexey at bobroff.ru>
Cc: freebsd-gnats-submit at FreeBSD.org
Subject: Re: i386/103233: ipfw forward does not work
Date: Wed, 13 Sep 2006 19:11:54 +0200

 Bobrov Alexey wrote:
 >> Number:         103233
 >> Category:       i386
 >> Synopsis:       ipfw forward does not work
 >> Confidential:   no
 >> Severity:       critical
 >> Priority:       high
 >> Responsible:    freebsd-i386
 >> State:          open
 >> Quarter:        
 >> Keywords:       
 >> Date-Required:
 >> Class:          sw-bug
 >> Submitter-Id:   current-users
 >> Arrival-Date:   Wed Sep 13 16:20:22 GMT 2006
 >> Closed-Date:
 >> Last-Modified:
 >> Originator:     Bobrov Alexey
 >> Release:        FreeBSD 5.5-stable
 >> Organization:
 > Project-X
 >> Environment:
 > FreeBSD gate.club4x4.ru 5.5-STABLE FreeBSD 5.5-STABLE #0: Wed Sep 13 02:07:28 MSD 2006
 >> Description:
 > KERN ->options IPDIVERT
 > options IPFIREWALL
 > options IPFIREWALL_FORWARD
 > options IPFIREWALL_FORWARD_EXTENDED
 > rc.conf -> firewall_enable=yes gateway_enable=yes firewall_script=/etc/rc.fire
 > ifconfig_fxp0="inet 192.168.100.4  netmask 255.255.255.0"
 > 
 > rc.fire -> 
 > ipfw add 88 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any 80,81,8000
 > ipfw add 89 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any 8001-9000
 > 
 > ipfw show -> 
 > 00088    6034     410828 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any dst-port 80,81,8000
 > 00089    3132     382127 fwd 192.168.100.3,3128 tcp from 192.168.100.0/24 to any dst-port 8001-9000
 > 
 > But on machine 192.168.100.3 i'v got nothing  - all config was accurate working on  free 4.8 - 4.11. update was done through backup configuration (rc.conf & etc) then  full new install & kernel reassembling - IPFW FWD doesn't work!
 >> How-To-Repeat:
 > see full description
 >> Fix:
 > 
 >> Release-Note:
 >> Audit-Trail:
 >> Unformatted:
 > _______________________________________________
 > freebsd-i386 at freebsd.org mailing list
 > http://lists.freebsd.org/mailman/listinfo/freebsd-i386
 > To unsubscribe, send any mail to "freebsd-i386-unsubscribe at freebsd.org"
 
 Hello,
 
 I am sorry to tell you this but this is not a Problem (yet); perhaps
 some syntax changed (which could imply a Problem in the documentation)
 but I see this as a User question, can you please ask the Freebsd-ipfw
 (ipfw at FreeBSD.org) group first what they do think about this?
 
 http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
 
 is the URL you need.
 
 Cheers,
 Remko
 
 p.s. I will close this PR after I submitted this text.
 
 -- 
 Kind regards,
 
       Remko Lodder               ** remko at elvandar.org
       FreeBSD                    ** remko at FreeBSD.org
 
       /* Quis custodiet ipsos custodes */

More information about the freebsd-i386 mailing list