c378 IPFW and nat problem - The FreeBSD Forums
The FreeBSD Forums  

Go Back   The FreeBSD Forums > Server & Networking > Firewalls
Reload this Page IPFW and nat problem
Register FAQ Calendar Search Today's Posts Mark Forums Read

Firewalls IPFW, PF, IPF (but not limited) related discussion

Reply
 
Thread Tools Display Modes
  #1  
Old January 17th, 2011, 03:15
Criosphinx Criosphinx is online now
Junior Member
  
Join Date: Nov 2008
Posts: 9
Thanks: 0
Thanked 5 Times in 3 Posts
Default IPFW and nat problem
Hi.

I don't know what I'am doing wrong but I can't enable NAT at startup, every reboot shows error:
Code:
ipfw: getsockopt(IP_FW_ADD): Invalid argument
at the divert line yet I can add the rule once the system has started

in rc.conf I have:

Code:
firewall_enable="YES"
firewall_type="OPEN"
gateway_enable="YES"
natd_enable="YES"
natd_interface="re0"
kldstat:

Code:
Id Refs Address    Size     Name
 1   17 0xc0400000 bb5384   kernel
 2    2 0xc605b000 11000    ipfw.ko
 3    1 0xc606c000 d000     libalias.ko
 4    1 0xc6119000 4000     ipdivert.ko
 5    1 0xc62e8000 2000     wlan_xauth.ko
 6    1 0xc6371000 68000    radeon.ko
 7    1 0xc63d9000 14000    drm.ko
and dmesg | grep divert

Code:
ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding disabled, default to deny, logging disabled
Last edited by DutchDaemon; January 17th, 2011 at 03:31.
Reply With Quote
  #2  
Old December 9th, 2012, 15:54
rnejdl rnejdl is offline
Junior Member
  
Join Date: Dec 2009
Posts: 25
Thanks: 0
Thanked 0 Times in 0 Posts
Default Same NAT issue
We're you ever able to resolve this as I have the EXACT same issue. This config worked for a while too but somewhere in upgrading to the latest FreeBSD it got broken.

Thanks!
Rusty Nejdl
Reply With Quote
  #3  
Old December 13th, 2012, 16:10
Morte Morte is offline
Junior Member
  
Join Date: Mar 2012
Posts: 39
Thanks: 2
Thanked 3 Times in 3 Posts
Default
This might be a problem if the NAT module hasn't been loaded when ipfw is initializing.

Try setting ipdivert_load="YES" in /boot/loader.conf
Reply With Quote
  #4  
Old December 13th, 2012, 19:32
Crest Crest is offline
Member
  
Join Date: Jan 2009
Location: ::1
Posts: 106
Thanks: 2
Thanked 28 Times in 22 Posts
Default
Load the ipfw_nat.ko kernel module and use in-kernel NAT.

Code:
kldload ipfw_nat
ipfw nat 1 config if re0
ipfw add nat 1 ip4 from any to any via re0
Reply With Quote
  #5  
Old December 30th, 2012, 17:50
rnejdl rnejdl is offline
Junior Member
  
Join Date: Dec 2009
Posts: 25
Thanks: 0
Thanked 0 Times in 0 Posts
Default
That's what I ended up doing for the ipnat stuff was simply to compile it into the kernel instead of as kernel modules as something is messed up on that as most of my kernel modules just don't load, without any error. NVIDIA, AIO, HTTP_*, VIRTUALBOX, they are just plain skipped.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
[Solved] ipfw nat problems graudeejs Firewalls 14 January 10th, 2011 06:37
IPFW and NAT kalman84 Firewalls 0 November 8th, 2010 09:53
IPFW+NAT+FreeBSD7.3 please help to solve problem rman-86 Firewalls 7 September 22nd, 2010 17:39
IPFW kernel nat problem FreeBSD 8.1 release apanas Firewalls 18 September 18th, 2010 12:54
ipfw nat tablearg --> ipfw nat 0 sandrey Firewalls 0 February 6th, 2009 16:54


All times are GMT +1. The time now is 23:25.

Contact Us - FreeBSD - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.
The mark FreeBSD is a registered trademark of The FreeBSD Foundation and is used by The FreeBSD Project with the permission of The FreeBSD Foundation.
Web protection and acceleration provided by CloudFlare
0