Date: Thu, 13 Dec 2018 09:30:12 +0100 From: Kristof Provost <kp@freebsd.org> To: Goran =?utf-8?B?TWVracSH?= <meka@tilda.center> Cc: freebsd-pf@freebsd.org Subject: Re: VNET jails and PF service Message-ID: <20181213083012.GA49515@vega.codepro.be> In-Reply-To: <20181213000232.vk4qoapuqyqly2jx@thinker.home.meka.rs>
index | next in thread | previous in thread | raw e-mail
On 2018-12-13 01:02:32 (+0100), Goran Mekić <meka@tilda.center> wrote: > I can't start PF as service from vnet jail. I have devfs rule to unhide > bpf (for dhclient) and pf that the jail is using. I can run "pfctl -e -f > /etc/pf.conf" but "service pf start" fails with: > > kldload: can't load pf: Operation not permitted > /etc/rc.d/pf: WARNING: Unable to load kernel module pf > Yes, jails can't load kernel modules, for obvious reasons. Your host needs to load the pf module, then the jail will be able to use it. Regards, Kristofhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181213083012.GA49515>