kern/107305: [ipfw] ipfw fwd doesn't seem to work
Andrey V. Elsukov
bu7cher at yandex.ru
Fri Apr 27 05:10:15 UTC 2007
The following reply was made to PR kern/107305; it has been noted by GNATS.
From: "Andrey V. Elsukov" <bu7cher at yandex.ru>
To: bug-followup at FreeBSD.org, hidden at 4you.lt
Cc:
Subject: Re: kern/107305: [ipfw] ipfw fwd doesn't seem to work
Date: Fri, 27 Apr 2007 08:46:09 +0400
Hi,
IP Address 212.59.27.254 is local for your system.
In 6.0-RELEASE you should add IPFIREWALL_FORWARD_EXTENDED
kernel option in your kernel config.
http://www.freebsd.org/releases/6.0R/relnotes-i386.html
"The ipfw(8) ipfw fwd rule now supports the full packet destination
manipulation when the kernel option options
IPFIREWALL_FORWARD_EXTENDED is specified in addition to options
IPFIRWALL_FORWARD. This kernel option disables all restrictions to
ensure proper behavior for locally generated packets and allows
redirection of packets destined to locally configured IP addresses.
Note that ipfw(8) rules have to be carefully crafted to make sure that
things like PMTU discovery do not break."
--
WBR, Andrey V. Elsukov
More information about the freebsd-ipfw
mailing list