From owner-freebsd-virtualization@FreeBSD.ORG Thu Sep 9 19:53:41 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0B34B10656CD for ; Thu, 9 Sep 2010 19:53:41 +0000 (UTC) (envelope-from luizgustavo@luizgustavo.pro.br) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 9CE2C8FC12 for ; Thu, 9 Sep 2010 19:53:40 +0000 (UTC) Received: by wwb18 with SMTP id 18so2150441wwb.31 for ; Thu, 09 Sep 2010 12:53:39 -0700 (PDT) MIME-Version: 1.0 Received: by 10.216.0.206 with SMTP id 56mr89458web.33.1284060151293; Thu, 09 Sep 2010 12:22:31 -0700 (PDT) Received: by 10.216.176.12 with HTTP; Thu, 9 Sep 2010 12:22:31 -0700 (PDT) In-Reply-To: <20100907164529.O31898@maildrop.int.zabbadoz.net> References: <20100907164529.O31898@maildrop.int.zabbadoz.net> Date: Thu, 9 Sep 2010 16:22:31 -0300 Message-ID: From: "Luiz Gustavo S. Costa" To: "Bjoern A. Zeeb" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: FreeBSD virtualization mailing list Subject: Re: [patch] allow testing VIMAGE with pf in base system only X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Sep 2010 19:53:41 -0000 Hi Bjoern, I just perform tests with your patch and it worked very well! thanks for the patch ... But I found something that may be unsafe within the jail environment, I'm allowed to change /dev/pf, so that if I run a "pfctl-f /etc/pf.conf" inside the jail to do with that the rules are read again, killing pf.conf on the main environment FreeBSD gugabsd.xxxx.com.br 8.1-STABLE FreeBSD 8.1-STABLE #1: Thu Sep 9 14:31:43 BRT 2010 root@gugabsd.xxxx.com.br:/usr/obj/usr/src/sys/GENERIC i386 Thanks 2010/9/7 Bjoern A. Zeeb : > Hey, > > in a way to work on something I needed to be able to at least load pf > on my VIMAGE development machine. =A0So I quickly hacked together a > patch that does exactly that. =A0I hope it'll apply to HEAD or stable/8 > but I didn't test on either. > > This will NOT allow you to use pf with jails+vnet but should allow > using pf in the base system even if VIMAGE is enabled. =A0In case it > still panics for you, let me know and include a backtrace in your > report. > > http://people.freebsd.org/~bz/20100907-01-pf-vnet0.diff > > /bz > > -- > Bjoern A. Zeeb =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0Welcome a new stage of life. > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to > "freebsd-virtualization-unsubscribe@freebsd.org" > --=20 Luiz Gustavo Costa (Powered by BSD) *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ mundoUnix - Consultoria em Software Livre http://www.mundounix.com.br ICQ: 2890831 / MSN: contato@mundounix.com.br Tel: 55 Blog: http://www.luizgustavo.pro.br