Your two-line command set should work, and does for me. I'm on
RedHat 5.1 Intel, but this set has worked with kernel 1.something
with Slackware and several generations of RedHat. It could be the
version of ipfwadm, so try going back to an older version, if you
have one.
Have you made any other kernel patches? The problem might be there.
Other than that, no clues. Triple-check your kernel options. Also,
see if there's something in the syslog that might give you a clue.
Charlie Shoemaker
> Subject: [Masq] ipfwadm: setsockopt failed:
> Date: Sat, 13 Mar 99 13:11:11 -0500
> From: brianarb <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
>
> So I'm trying to set up my firewall rules for IP forwarding, using the two
> commands
>
> root@avanti# ipfwadm -F -p deny
> This works with no complaints
>
> root@avanti# ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> "my network is 192.168.1.0"
> This fails giving me the message:
> ipfwadm: setsockopt failed: Invalid argument
>
> If I set up my default policy to be masquerading
> root@avanti# ipfwadm -F -p masquerade
>
> I get no complaints from this command and IP forwarding works well,
> but now I'm worried, and I quote from the HOWTO I found on the web.
>
> "Do not make your default policy be masquerading - otherwise someone who
> can manipulate their routing will be able to tunnel straight back through
> your gateway, using it to masquerade their identity!"
>
> Can someone explain to me what I'm doing wrong here?
>
> I'm running redhat 5.2 for Alpha, 2.0.36
> and ipfwadm-2.3.0-6
>
>
>
> _______________________________________________
> Masq maillist - [EMAIL PROTECTED]
> http://tiffany.indyramp.com/mailman/listinfo/masq
> Admin requests can be handled by web (above) or [EMAIL PROTECTED]
>
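
Added example, not part of either message and not ipfwadm's own code: a simplified Python model of a first-match forward chain with a default policy, showing why the quoted HOWTO warns against a default policy of masquerading. The function names, the probe addresses and the reduction of a rule to (action, source, destination) are assumptions made for illustration.

```python
import ipaddress

# Simplified model: rules are checked in order, the first match decides,
# and the default policy applies when no rule matches. Interfaces, ports
# and protocols are ignored (assumption; real ipfwadm rules can match them).

def forward_decision(policy, rules, src, dst):
    """Return the action taken for a forwarded packet src -> dst."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules:
        if (src_ip in ipaddress.ip_network(src_net)
                and dst_ip in ipaddress.ip_network(dst_net)):
            return action
    return policy

def audit(policy, rules, internal_nets, probes):
    """Return probes that would be masqueraded although src is not internal."""
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    findings = []
    for src, dst in probes:
        internal = any(ipaddress.ip_address(src) in n for n in nets)
        decision = forward_decision(policy, rules, src, dst)
        if not internal and decision == "masquerade":
            findings.append((src, dst))
    return findings

INTERNAL = ["192.168.1.0/24"]

# Constructed probe packets: one from the internal LAN, one from outside it.
PROBES = [("192.168.1.10", "198.51.100.7"), ("203.0.113.5", "198.51.100.7")]

# Models: ipfwadm -F -p masquerade
OPEN = ("masquerade", [])

# Models: ipfwadm -F -p deny
#         ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
TIGHT = ("deny", [("masquerade", "192.168.1.0/24", "0.0.0.0/0")])

if __name__ == "__main__":
    for name, (policy, rules) in (("policy masquerade", OPEN),
                                  ("policy deny + rule", TIGHT)):
        print(name, "->", audit(policy, rules, INTERNAL, PROBES))
```
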