IPFW Operation not permitted

[fumanchu]

Hello,

I am trying to setup some rules in the ipfw; however, no matter what I do, I keep getting "Operating not permitted" errors. For example,

root@localhost:/ # ipfw -q add 02230 allow tcp from any to me dst-port 5671 via igb0 setup keep-state
ipfw: getsockopt(IP_FW_XADD): Operation not permitted
root@localhost:/ #

Any ideas are greatly appreciated...

 

[SirDice]

At what secure level are you running?

     3     Network secure mode - same as highly secure mode, plus IP packet
           filter rules (see ipfw(8), ipfirewall(4) and pfctl(8)) cannot be
           changed and dummynet(4) or pf(4) configuration cannot be adjusted.

 

[fumanchu]

Ah, yes. I did read a bit about that.. I believe that I have the security level set to:

kern_securelevel="3"

 

[fumanchu]

Okay, I found the documentation related to this at https://www.freebsd.org/cgi/man.cgi?securelevel...

Thanks.