Date: Tue, 8 Feb 2005 21:22:03 -0800 From: "Loren M. Lang" <lorenl@alzatex.com> To: Jim Arnold <jim0266@yahoo.com> Cc: Kris Kennaway <kris@obsecurity.org> Subject: Re: IP Filter changes in FreeBSD Message-ID: <20050209052203.GK8619@alzatex.com> In-Reply-To: <a06200700be2d74977195@[192.168.0.3]> References: <20050207191621.GB3160@xor.obsecurity.org> <a06200700be2d74977195@[192.168.0.3]>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Feb 07, 2005 at 02:46:50PM -0500, Jim Arnold wrote: > >On Mon, Feb 07, 2005 at 11:08:54AM -0500, Jim Arnold wrote: > > > >> >If you don't have it in your kernel, the module will be loaded at boot > >> >time if it's available. If you don't have the module either, you > >> >can't use ipfilter. > >> > >> I must have been using the module with 4.7 stable since I did not > >> have that in the kernel I was running with 4.7. After I upgraded to > >> 4.11 and IPF was not working I edited my kernel config file to > >> uncomment the lines for IPF and then compiled the new kernel. I still > >> don't have an answer why this happened. > >> > >> Was the module taken out of 4.11 or an earlier version on FreeBSD? > > > >No, it's still there as long as you build modules. If you have > >NO_MODULES in your make.conf, you won't, of course. > > > >Kris > > > >Attachment converted: osx:Untitled 3599 ( / ) (000B9F03) > > I'm using the same /etc/make.conf file when I first put this box > online in 2002. In that make.conf > file the line is commented out: > > #NO_MODULES= true # do not build modules with the kernel > > But the question for me is still, how did this work in 4.7 if the > above was commented out in my /etc/make.conf file and I did not have > these uncommented in my kernel config file when I built my > custom kernel for 4.7? I'd be interested to see if manually loading the module with kldload with the original kernel works. If it does then maybe you're missing something from rc.conf that tells freebsd to load the module. With FreeBSD 5.3, all I need is ipfilter_enable="YES" to have it auto-load the module and start ipfilter, but there might be something more for 4.x > > options IPFILTER > options IPFILTER_LOG > > Thanks, > Jim > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050209052203.GK8619>