Missing mention in ipfw in the Handbook
Foo Ji-Haw
jhfoo at nexlabs.com
Wed Oct 5 20:23:57 PDT 2005
For what it's worth, I'd like highlight a key point I think is missing, in the ipfw section of the Handbook. This has been discussed earlier with help from this mailing list community. I am just formalising the documentation.
The firewall that comes with the default kernel (at least on the 5.4 release) comes with forwarding disabled. As a result, if you try to do a ipfw fwd (or ipfw forward), you will get a getsockopt error.
The Handbook (at this time of writing) did not mention the inclusion of:
options IPFIREWALL_FORWARD
Recompiling the kernel with this thrown in will activate forwarding by default. I do not know if there is a sysctl parameter which can avoid the kernel recompile. If there is one, kindly contribute to the knowledge base (aka mailing list).
Hopefully this post will save the next FreeBSDer precious time.
More information about the freebsd-questions
mailing list