iptables
Taulant Galimuna
taulant at ipko.net
Tue Sep 2 03:00:30 PDT 2003
Thanks Nico,
I'v recompiled my kernel and it's working very good now ... but I have now
another problem :( apache isn't working fine... maybe ipfw bllocked any
port or something that my apache isn't working, works only the "name-based
server"
regards,
Taulant
----- Original Message -----
From: "Nico Meijer" <nico.meijer at zonnet.nl>
To: <freebsd-newbies at freebsd.org>
Sent: Monday, September 01, 2003 4:20 PM
Subject: Re: iptables
> Hi Taulant,
>
> > but there's another problem :)
>
> Of course there is. ;-)
>
> > every command that I'm trying to use it says:
> > ipfw: getsockopt(IP_FW_GET): Protocol not available
> > I don't know if there's anything that I should install first and than
> > use IPFW
>
> Yes, you need to build a custom kernel.
>
> Suggestion: copy /usr/src/sys/[arch]/conf/GENERIC to ~/MYKERNEL (your
> regular user's homedir); in /usr/src/sys/[arch]/conf issue "ln -s
> ~/MYKERNEL". Now you can edit your kernel config logged in as your
> regular user.
>
> You don't want to run around as root if you don't have to, so get sudo
> up and running.
>
> Edit MYKERNEL, add:
>
> options IPFIREWALL # required for IPFW
> options IPFIREWALL_VERBOSE # optional; logging
> options IPFIREWALL_VERBOSE_LIMIT=10 # optional; don't get too many log
> entries
> options IPDIVERT # needed for natd
>
> See the Handbook for building that kernel. I don't know if the
> buildkernel/installkernel sequence works if you have only installed the
> kernel source.
>
> HTH... Nico
>
> P.S. Read the Handbook. Do it now. It is good for you. :-)
> _______________________________________________
> freebsd-newbies at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-newbies
> To unsubscribe, send any mail to "freebsd-newbies-unsubscribe at freebsd.org"
>
More information about the freebsd-newbies
mailing list