Bug 29947
| Summary: | After running CVSup, natd fails to run "ipfw: get sockopt (ip_fw_add): invalid command | ||
|---|---|---|---|
| Product: | Base System | Reporter: | George Kerr <dgkerr> |
| Component: | bin | Assignee: | freebsd-bugs (Nobody) <bugs> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | Unspecified | ||
| Hardware: | Any | ||
| OS: | Any | ||
On Tue, Aug 21, 2001 at 10:22:15PM -0700, George Kerr wrote: > > >Number: 29947 > >Category: bin > >Synopsis: After running CVSup, natd fails to run "ipfw: get sockopt (ip_fw_add): invalid command Are your world and kernel in sync? That is, did you rebuild and install world and kernel? This is more of a question for the mail lists and should be submitted as a PR after it has been verified to most likely be a bug and not pilot error. -- Crist J. Clark cjclark@alum.mit.edu State Changed From-To: open->closed Feedback timeout. Most likely, the running kernel did not have the IPDIVERT option. |
After I got updates using CVSup, - default release=cvs tag=RELENG_4 - and src-all, plus a few other common lines, the natd portion of the firewall fails to run. The line in rc.ipfw " ${fwcmd} add divert natd all from any to any via ${natd_interface} " gives the following error ip_fw_ctl: Invalid command ipfw: get sockopt(ip_fw_add): Invalid argument. I am sure this worked before getting the update on Saturday Aug 18, 2001 Hope this is a good enough explanation. George Kerr How-To-Repeat: Kernel with IPFIREWALL, IPDIVERT, rc.conf- firewall_type="simple", gaetway_enable="YES", natd_enable="YES", firewall_script="/etc/rc.ipfw", in rc.ipfw, this line: ${fwcmd} add divert natd all from any to any via ${natd_interface}