In the last episode (Oct 13), fulan Peng said: > I am using Apache on FreeBSD. If I use port 80 for http port, it > won't work because the security problem. So I configured Apache to > listen port 8800. Now the customer has type > http://breakevilaxis.org:8800 to get on my web site. This is no good. > So I have to forward port 80 request to port 8800. I guess what I > should do is to ipfw add 100 fwd 127.0.0.0,80 tcp from any to any > 8800 in But I got an error when I execute the command. I have > compiled the kernel with LINT configuration. I did make LINT, make > cleandepend;make depend;make;make install I really do not what is the > kernel I am running. I doubt it is still the old kernel which the > IPFIREWALL_FORWARD is not selected. Please help me to achieve this. > > breakevilaxis#uname -a > FreeBSD breakevilaxis.org 7.0-CURRENT-200610 FreeBSD > 7.0-CURRENT-200610 #0: Mon Oct 2 05:44:21 UTC 2006 > root_at_stiles.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 That says your system is running a GENERIC kernel, compiled Oct 2. My guess is you didn't reboot after installing your new kernel. Also, you probably don't want to install the LINT kernel, since it includes every driver FreeBSD supports and lots of debugging code. Just copy GENERIC to a new name, change the "ident" line to match the new filename, and add IPFIREWALL_FORWARD to it. > breakevilaxis# ipfw add 100 fwd 127.0.0.1,80 tcp from any to any 8800 in > ipfw: getsockopt(IP_FW_ADD): Invalid argument That command works fine on my system with IPFIREWALL_FORWARD in the kernel, but you probably want to swap the port numbers. Your command forwards port 8800 to port 80. ipfw add 100 fwd 127.0.0.1,8800 tcp from any to any 80 in > dmesg: > ... > Trying to mount root from ufs:/dev/ad8s1a > ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled, > default to deny, logging disabled This line should have said "rule-based forwarding enabled" if IPFIREWALL_FORWARD was in your kernel config. -- Dan Nelson dnelson_at_allantgroup.comReceived on Fri Oct 13 2006 - 13:19:05 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:01 UTC