Need help: fwd on ipfw

K Anderson freebsduser at comcast.net
Mon Oct 3 21:57:02 PDT 2005


----- Original Message ----- 
From: "Foo Ji-Haw" <jhfoo at nexlabs.com>
To: <freebsd-questions at freebsd.org>
Sent: Monday, October 03, 2005 9:20 PM
Subject: Need help: fwd on ipfw


Hi all, I really need your help on this if you can...

I am trying to put set up port forwarding on my machine. So far the usual 
'add allow' and 'add deny' rules work perfectly. The most important rule 
which bugs me is the 'add fwd' rule, which the snippet below shows:
ipfw add fwd 192.168.0.4,80 tcp from 10.10.10.0 to any 80

When I try to enter this on the command line, I get the following error:
 ipfw: getsockopt(IP_FW_ADD): Invalid Argument

I tried researching the web. Some mention the error only upon recompiling 
kernels. But I am using the standard 5.4 product release as-is. My firewall 
rules in rc.conf are as follows:
firewall_enable="YES"
firewall_logging="YES"

I also have this line in dmesg:
 ipfw2 initialized, divert disabled, rule-based forwarding disabled, default 
to deny, logging disabled

I see that 'rule-based forwarding' is disabled. Is this what caused the 
error? How can I enable it? I can't find the details on the Handbook.
-----------------

I did a google search on your message and found something. Here's a snip of 
it.

options IPFIREWALL
 options IPFIREWALL_DEFAULT_TO_ACCEPT
 options IPFIREWALL_VERBOSE
 options IPFIREWALL_FORWARD

 if you don't add them to your kernel, forwarding in ipfw will  be disabled.

Here's the URL. 
http://archives.neohapsis.com/archives/freebsd/2005-01/0089.html

Hope that helps.

~Mr. Anderson 




More information about the freebsd-questions mailing list