Recompile kernel or module for ipfw+nat?
nino80 at gmail.com
Tue Sep 30 14:48:27 UTC 2008
>> however, there is a kernel module called ipdivert.ko
>> Is it still necessary to recompile the kernel in order to use nat with
>> ipfw? Or, to put it another way, is there a possibility to use nat and
>> keep the generic kernel?
> You can choose to use the modules or make it static by recompile the kernel.
> IMHO the ipnat(8) is a more simple way to get nat.
Thank you for your input.
I'd prefer to use the module, however it doesn't seem to work:
# ipfw add nat 123 all from any to any <-- example from the man page
ipfw: getsockopt(IP_FW_ADD): Invalid argument
Id Refs Address Size Name
6 2 0xc4400000 d000 ipfw.ko
7 1 0xc9b33000 4000 ipdivert.ko
So, the original question remains - do I really need to recompile the
kernel in order to use NAT with IPFW?
As far as ipnat(8) goes, switching to ipfilter (which is mandatory if
I intend to use ipnat?) is not really an option.
More information about the freebsd-questions