bin/113803: [patch] bin/ipfw.8 - don't get bitten by the fwd rule
Edwin Groothuis
edwin at mavetju.org
Sun Jun 17 23:40:05 UTC 2007
>Number: 113803
>Category: bin
>Synopsis: [patch] bin/ipfw.8 - don't get bitten by the fwd rule
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Jun 17 23:40:04 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Edwin Groothuis
>Release: FreeBSD 6.2-RELEASE-p4 i386
>Organization:
-
>Environment:
System: FreeBSD k7.mavetju 6.2-RELEASE-p4 FreeBSD 6.2-RELEASE-p4 #0: Thu Apr 26 17:55:55 UTC 2007 root at i386-builder.daemonology.net:/usr/obj/usr/src/sys/SMP i386
>Description:
After hours of struggling with the "ipfw fwd" option I found out
why I didn't understand what was going wrong. I have updated the
documentation of the ipfw fwd option to make this more obvious.
>How-To-Repeat:
>Fix:
Index: ipfw.8
===================================================================
RCS file: /home/ncvs/src/sbin/ipfw/ipfw.8,v
retrieving revision 1.200
diff -u -r1.200 ipfw.8
--- ipfw.8 4 May 2007 11:15:41 -0000 1.200
+++ ipfw.8 17 Jun 2007 23:28:38 -0000
@@ -735,10 +735,13 @@
entry look rather weird but is intended for
use with transparent proxy servers.
.Pp
-To enable
+Note: To enable the
.Cm fwd
-a custom kernel needs to be compiled with the option
+action, a custom kernel needs to be compiled with the option
.Cd "options IPFIREWALL_FORWARD" .
+This is NOT done automatically when enabling it in the
+.Nm
+kernel module.
.It Cm nat Ar nat_nr
Pass packet to a
nat instance
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list