From owner-freebsd-i386@FreeBSD.ORG Sun Jul 9 18:37:59 2006 Return-Path: X-Original-To: freebsd-i386@freebsd.org Delivered-To: freebsd-i386@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 978A516A4DD for ; Sun, 9 Jul 2006 18:37:59 +0000 (UTC) (envelope-from sync_mastar@yahoo.com) Received: from web42208.mail.yahoo.com (web42208.mail.scd.yahoo.com [66.218.93.209]) by mx1.FreeBSD.org (Postfix) with SMTP id 51E9E43D46 for ; Sun, 9 Jul 2006 18:37:59 +0000 (GMT) (envelope-from sync_mastar@yahoo.com) Received: (qmail 55909 invoked by uid 60001); 9 Jul 2006 18:37:59 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=ACaP34uFwLkndr1Xa/kaQ43qs1V+MxrCvMDxma80iQGZtUVwEFHpniZjCIkVAHOf7nk0VPCDAuuQshtn+7P4xfhUtx1ZU6+/m0o4rdCWbk/UuMDBrnP4A1u5D6qOCBmra31THU1RNEKsIip3bD1dVui3yGb09XAOyBps9zcHYjE= ; Message-ID: <20060709183758.55907.qmail@web42208.mail.yahoo.com> Received: from [202.147.165.70] by web42208.mail.yahoo.com via HTTP; Sun, 09 Jul 2006 11:37:58 PDT Date: Sun, 9 Jul 2006 11:37:58 -0700 (PDT) From: Umar Draz To: freebsd-i386@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: kernel secure level?? X-BeenThere: freebsd-i386@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: I386-specific issues for FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Jul 2006 18:37:59 -0000 hi dear members!! i have FreeBSD 6.1 machine I configure kern_securelevel_enable="YES" kern_securelevel="2" When i update my ipfilter or ipnat rules i got this error. ioctl(SIOCIPFFL): Operation not permitted 2:ioctl(add/insert rule): Operation not permitted 3:ioctl(add/insert rule): Operation not permitted 5:ioctl(add/insert rule): Operation not permitted 6:ioctl(add/insert rule): Operation not permitted 7:ioctl(add/insert rule): Operation not permitted 1:ioctl(add/insert rule): Operation not permitted ioctl(SIOCIPFL6): Operation not permitted Please help me what should i do to update ipfilter and ipnat rules within kern_securelevel Regards, Umar Draz --------------------------------- Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ countries) for 2¢/min or less.