[pf4freebsd] Re: Version 1.52
Pyun YongHyeon
yongari at kt-is.co.kr
Wed Sep 15 20:39:33 PDT 2004
On Tue, Jun 03, 2003 at 10:38:09PM +0100, Ziad Afra wrote:
> All
>
> I still cant get NAT to work correctly on my setup. Its quite
> frustrating I must say..
>
> My configuration is as follows:-
>
> FreeBSD XXX.XXX.XXX 5.0-RELEASE FreeBSD 5.0-RELEASE #6: Wed May 14
> 00:30:11 BST 2003 root at XXX.XXX.XXX:/usr/obj/usr/src/sys/FREE i386
>
> ===[root] ~ # sysctl -a|grep -i forw
> kern.smp.forward_signal_enabled: 1
> kern.smp.forward_roundrobin_enabled: 1
> net.inet.ip.forwarding: 1
> net.inet.ip.fastforwarding: 1
> net.inet6.ip6.forwarding: 0
>
> ===[root] /boot/kernel # pwd
> /boot/kernel
> ###
> ###
> ###of concern###
> -r-xr-xr-x 1 root wheel 124916 May 14 01:46 pf.ko
> -r-xr-xr-x 1 root wheel 6844 May 14 01:46 pflog.ko
> -r-xr-xr-x 1 root wheel 8442 May 14 01:46 pfsync.ko
>
> ===[root] /boot/kernel # pfctl -sa
> scrub in all fragment reassemble
> pass quick on lo0 all
> nat on fxp0 inet from 172.16.4.1 to any -> 172.16.4.11
> pfctl: DIOCGETALTQS: Operation not supported by device
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
What pf version do you use?
Did you upgrade your kernel for some other reasons(i.e. security patches)?
Do you use ALTQ?
It seems that there is a mismatches between your kernel and pf module.
Please rebuild pf kernel modules. The above message should not appear
whether ALTQ routines enabled or not.
Normal procedures to follow are
#killall pflogd
#kldunload pf
#kldunload pfaltq
#kldunload pfsync
#kldunload pflog
#cd /path/to/pf_source_location
#make clean
#make && make install
Please let me know the results.
If you can feedback more detailed information, you would get better
support.
Thanks and good luck.
> Status: Enabled for 1 days 20:58:49 Debug: None
>
> State Table Total Rate
> current entries 0
> searches 0 0.0/s
[snip]
--
Pyun YongHyeon <http://www.kr.freebsd.org/~yongari>
More information about the freebsd-pf
mailing list