From owner-freebsd-current@FreeBSD.ORG Thu Aug 19 16:19:01 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D4D9116A4D0 for ; Thu, 19 Aug 2004 16:19:01 +0000 (GMT) Received: from theatre.msu.edu (theatre.msu.edu [35.8.69.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 695A443D2F for ; Thu, 19 Aug 2004 16:19:01 +0000 (GMT) (envelope-from sagejona@theatre.msu.edu) Received: from [192.168.0.4] (d47-69-71-213.try.wideopenwest.com [69.47.213.71]) (authenticated bits=0) by theatre.msu.edu (8.12.11/8.12.11) with ESMTP id i7JGIqWj068102 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 19 Aug 2004 12:18:53 -0400 (EDT) (envelope-from sagejona@theatre.msu.edu) Message-ID: <4124D2F0.8050000@theatre.msu.edu> Date: Thu, 19 Aug 2004 12:18:56 -0400 From: "Jonathan T. Sage" Organization: MSU Dept of Theatre User-Agent: Mozilla Thunderbird 0.7.2 (Windows/20040707) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Barney Wolff References: <20040819154334.GA23926@pit.databus.com> <200408191559.i7JFxJKo018279@bunrab.catwhisker.org> <20040819161315.GB29937@pit.databus.com> In-Reply-To: <20040819161315.GB29937@pit.databus.com> X-Enigmail-Version: 0.85.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime X-Phone: +1-517-974-1428 X-WWW-Home-Page: http://theatre.msu.edu X-PGP-Key-Figerprint: 182C CF3F 93A9 1DAA 2EBE D4D5 A159 96D9 452E A7F1 X-IM: AIM(jonathantsage,spartyman), ICQ(9587621), YIM(wisesage98) Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigE865930AD06D77AB492DF728" X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on www.theatre.msu.edu X-Virus-Scanned: clamd / ClamAV version devel-20040526, clamav-milter version 0.71 X-Virus-Status: Clean cc: current@freebsd.org Subject: Re: RELENG_5 kernel b0rken with IPFIREWALL and without PFIL_HOOKS X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Aug 2004 16:19:02 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigE865930AD06D77AB492DF728 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Barney Wolff wrote: > Sure, invoking ipfw directly works fine when ipfw's compiled into the kernel, > as does dotting /etc/rc.firewall. But /etc/rc.d/ipfw is what's run at > boot time, and that would seem, at least as I read it, to require that > ipfw be a module, not compiled in. no, it dosn't, kinda. if ! ${SYSCTL} net.inet.ip.fw.enable > /dev/null 2>&1; then if the sysctl item net.inet.ip.fw.enable does NOT exist, then try and load the module. otherwise, return 0 (all ok) if ! kldload ipfw; then warn unable to load firewall module. return 1 fi fi it is failing because the net.inet.ip.fw.enable sysctl was removed. the script needs to be updated to rely on one of the still existing sysctls. as of right now, with no edits, the script cannot complete succesfully unless ipfw is left as a module. No doubt this will be fixed shortly. -- Jonathan T. Sage Theatrical Lighting / Set Designer Professional Web Design "He said he likes me, but he's not in-like with me."- Connie, King of the Hill [HTTP://www.JTSage.com] [HTTP://design.JTSage.com] [sagejona@msu.edu] [See Headers for Contact Info] --------------enigE865930AD06D77AB492DF728 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBJNLwoVmW2UUup/ERApHkAJsEfjmxHM1ZlATk7DxYznc/43P99gCfWlKV Is0c5kmIJjutu1udTwE/oZc= =TabJ -----END PGP SIGNATURE----- --------------enigE865930AD06D77AB492DF728--