Date: Thu, 13 Dec 2018 09:30:12 +0100 From: Kristof Provost <kp@freebsd.org> To: Goran =?utf-8?B?TWVracSH?= <meka@tilda.center> Cc: freebsd-pf@freebsd.org Subject: Re: VNET jails and PF service Message-ID: <20181213083012.GA49515@vega.codepro.be> In-Reply-To: <20181213000232.vk4qoapuqyqly2jx@thinker.home.meka.rs> References: <20181213000232.vk4qoapuqyqly2jx@thinker.home.meka.rs>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2018-12-13 01:02:32 (+0100), Goran Mekić <meka@tilda.center> wrote: > I can't start PF as service from vnet jail. I have devfs rule to unhide > bpf (for dhclient) and pf that the jail is using. I can run "pfctl -e -f > /etc/pf.conf" but "service pf start" fails with: > > kldload: can't load pf: Operation not permitted > /etc/rc.d/pf: WARNING: Unable to load kernel module pf > Yes, jails can't load kernel modules, for obvious reasons. Your host needs to load the pf module, then the jail will be able to use it. Regards, Kristof
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181213083012.GA49515>