5.x ipdivert.ko with pf and natd?
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Wed Jul 20 20:28:20 GMT 2005
Michael Dexter <dexter at ambidexter.com> writes:
> Hello,
>
> I would like to use natd with packet filter under FreeBSD 5.4.
>
> The rc.conf man page states that I want: natd_enable="YES" and that
> "if the kernel was not built with options IPDIVERT, the ipdivert.ko
> kernel module will be loaded."
>
> Unfortunately, the module ipdivert.ko does not appear to exist in /boot/kernel/
>
> ... but I do see it in 6.x filesystem.
>
> I tried building a kernel with:
>
> options IPDIVERT
>
> and that did not appear to produce the module (depends on ipfw though
> I want to use pf?).
>
> I do however see the source in: /usr/src/sys/netinet/ip_divert.c
>
> 1. Am I overlooking the prebuilt module in 5.x?
> 2. Can I simply build the module on its own without a full buildkernel?
> 3. Given that buildkernel did not produce it, how can I produce it?
No, I don't see it in the module makefile on my -STABLE machine.
natd *does* depend on ipfw; if you want to use pf, you probably want
to use its built-in NAT capabilities.
If you *do* want natd, you can always compile divert directly into
your kernel.
More information about the freebsd-questions
mailing list