IPFW IPFW kernel options

[gpatrick]

options  IPFIREWALL  # enables IPFW
options  IPFIREWALL_VERBOSE  # enables logging for rules with log keyword
options  IPFIREWALL_VERBOSE_LIMIT=256  # limits number of logged packets per-entry
options  IPFIREWALL_DEFAULT_TO_ACCEPT  # sets default policy to pass what is not explicitly denied
### options  IPDIVERT  # enables NATd Support
options  IPFIREWALL_NAT  # IPFW in-Kernel NAT support
options  LIBALIAS  # required for in-Kernel NAT / replacement for NATd

What are the options to configure IPFW in the kernel?

The options above are what I found on one site, but are different from the handbook. For example,

IPFIREWALL_NAT
LIBALIAS

Are not in the handbook.

I also found that

IPFW2

Should be used instead of IPFIREWALL

I realize that the handbook should be the true source, but those other options were found somewhere, so what is correct?

 

[junovitch@]

Helpful guidance from the Handbook:

In addition to the brief descriptions provided in this file, additional descriptions are contained in NOTES, which can be found in the same directory as GENERIC for that architecture. For architecture independent options, refer to /usr/src/sys/conf/NOTES.

However, you are much better off just doing a kldload ipfw, set up your rules, and be done with it. Figure out what you are trying to achieve first then turn knobs second, if you need to at all.