Bug 61873
| Summary: | adding IPFW2 support to dial-up firewall for 4.x users | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Documentation | Reporter: | pirat <pirat> | ||||||
| Component: | Books & Articles | Assignee: | josef | ||||||
| Status: | Closed FIXED | ||||||||
| Severity: | Affects Only Me | ||||||||
| Priority: | Normal | ||||||||
| Version: | Latest | ||||||||
| Hardware: | Any | ||||||||
| OS: | Any | ||||||||
| Attachments: |
|
||||||||
Responsible Changed From-To: freebsd-doc->josef I'll handle this one. Hi there, I believe the problem was caused because you didn't correctly read the ipfw(8) manual page. The man page clearly states what is required to in order to get IPFW2 working on -STABLE systems: ipfw2 is standard in FreeBSD CURRENT, whereas FreeBSD STABLE still uses ipfw1 unless the kernel is compiled with options IPFW2, and /sbin/ipfw and /usr/lib/libalias are recompiled with -DIPFW2 and reinstalled (the same effect can be achieved by adding IPFW2=TRUE to /etc/make.conf before a buildworld). That said, perhaps the article should point users to the relevant section of the man page. I've attached a patch to do just that, as well as a slight amendment of the ruleset, as per suggestions from the freebsd-ipfw lists. Cheers, Marc State Changed From-To: open->closed Committed maintainer's patch. Thanks. |
document only informs 4.x users to add ipfw2 support for kernel. man ipfw explains that world need to change also in order to use ipfw2. a few days ago, i added options IPFW2 to my kernel and rebuilt. ipfw show produce core and i can not use any of such x application as galeon or mozilla. my instincs tell me that i need to read manpage of ipfw and there under section USING IPPF2 IN FreeBSD-STABLE in the first paragraph says ipfw2 is standard in FreeBSD CURRENT, whereas FreeBSD STABLE still +uses ipfw1 unless the kernel is compiled with options IPFW2, and /sbin/ipfw and /usr/lib/libalias are recompiled with -DIPFW2 and reinstalled (the same effect can be achieved by adding IPFW2=TRUE to /etc/make.conf +before a buildworld). i do not want anyone else to repeat my errors. sorry for my poor english.