各位大侠过来帮帮忙！！！IPFW有问题！！

zgjacky

我按照iceblood前辈的文章作了IPFW（freebsd4.8）但是好像没有成功，进系统后用命令ipfw -a show出现Segmentation fault (core dumped)在启动的时候有个提示ipfw:sizw mismatch ( have 176 want 48 )是哪里有问题啊？？？？

我的/etc/ipfw.conf
add 00400 divert natd ip from any to any via ep1
add 00001 deny log ip from any to any ipopt rr
add 00002 deny log ip from any to any ipopt ts
add 00003 deny log ip from any to any ipopt ssrr
add 00004 deny log ip from any to any ipopt lsrr
add 00005 deny tcp from any to any in tcpflags syn,fin
#######tcp#########
add 10000 allow tcp from 128.7.41.253 to 128.7.41.5 22 in
add 10001 allow tcp from any to any 80 in
add 10002 allow tcp from any to any 25 in
add 10003 allow tcp from any to any 110 in
add 10003 allow tcp from any to any 21 in
add 10003 allow tcp from any to any 27015 in
add 19997 check-state
add 19998 allow tcp from any to any out keep-state setup
add 19999 allow tcp from any to any out
######udp##########
add 20001 allow udp from any 53 to me in recv ep1
add 29999 allow udp from any to any out
######icmp#########
add 30000 allow icmp from any to any icmptypes 3
add 30001 allow icmp from any to any icmptypes 4
add 30002 allow icmp from any to any icmptypes 8 out
add 30003 allow icmp from any to any icmptypes 0 in
add 30004 allow icmp from any to any icmptypes 11 in
#######lan##########
add 40000 allow all from 128.7.41.0/24 to any
add 40001 allow all from any to 128.7.41.0/24

我的/etc/rc.conf

gateway_enable="YES"
hostname="fbsduser.3322.org"
ifconfig_ep1="inet 10.0.0.3 netmask 255.255.255.0"
ifconfig_rl0="inet 128.7.41.5 netmask 255.255.255.0"
kern_securelevel_enable="NO"
linux_enable="YES"
nfs_reserved_port_only="NO"
sendmail_enable="YES"
sshd_enable="YES"
usbd_enable="YES"
##########IP-firewall#################
firewall_enable="YES"
firewall_logging="YES"
firewall_script="/etc/rc.firewall"
firewall_type="/etc/ipfw.conf"
firewall_quiet="YES"
firewall_logging_enable="YES"
log_in_vain="YES"
tcp_drop_synfin="NO"
tcp_restrict_rst="YES"
icmp_drop_redirect="YES"
##########NATD#######################
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES"
ppp_profile="adsl"
natd_enable="YES"
natd_flags="-config /etc/natd.conf"

bjhjf007

你的firewall_type="/etc/ipfw.conf" 错了，应该是你的firewall_script="/etc/rc.firewall" 里面定义的类型，或者是firewall_script="/etc/ipfw.conf"应该也行

sandbeah

firewall_type="OPEN"
或者是CLIENT，这样你去RC。FIREWALL里面找到OPEN这里加你的规则就OK

zgjacky

原帖由 "sandbeah" 发表：
firewall_type="OPEN"
或者是CLIENT，这样你去RC。FIREWALL里面找到OPEN这里加你的规则就OK

OK,谢谢！

iceblood

规则等都没什么错误，从你的情形看错误应该可能是内核编译有点问题。
或你的好象用的ADSL的PPPOE，而我从来没用freebsd弄过PPPOE，我都是写的直接针对网卡上网的。

zhengo

你编译内核出错才出现ipfw:sizw mismatch ( have 176 want 48 )