ipf + ipfw + divert = no go

Chris Knipe savage at savage.za.org
Tue May 24 04:40:37 PDT 2005


On Tue, May 24, 2005 at 12:56:06PM +0200, Chris Knipe wrote:
> Hi,
> 
> Quick question...
> 
> dmesg:
> IP Filter: v3.4.35 initialized.  Default = pass all, Logging = enabled
> ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging limited to 1024 packets/entry by default
> 
> 
> shell:
> bash-2.05b# ipfw add 50 fwd 192.168.0.237,3306 tcp from any to x.x.56.178 dst-port 3306
> ipfw: getsockopt(IP_FW_ADD): Operation not permitted
> bash-2.05b# whoami
> root
> bash-2.05b#
> 
> What gives?????  FreeBSD 5.4-STABLE


bash-2.05b# ipfw add 50 fwd 1.1.1.1,1 tcp from 1.1.1.1 to 1.1.1.1 dst-port 1
ipfw: getsockopt(IP_FW_ADD): Operation not permitted
bash-2.05b# ipfw  add 50 allow ip from me to any
ipfw: getsockopt(IP_FW_ADD): Operation not permitted
bash-2.05b#


Ok, well this is really not right.... -shrugs-

--
Chris.


