From owner-freebsd-security Wed Dec 12 13: 7:54 2001 Delivered-To: freebsd-security@freebsd.org Received: from david.siemens.de (david.siemens.de [192.35.17.14]) by hub.freebsd.org (Postfix) with ESMTP id 497E137B417 for ; Wed, 12 Dec 2001 13:07:47 -0800 (PST) Received: from mail1.siemens.de (mail1.siemens.de [139.23.33.14]) by david.siemens.de (8.11.6/8.11.6) with ESMTP id fBCL7hS23948; Wed, 12 Dec 2001 22:07:43 +0100 (MET) Received: from mars.cert.siemens.de (ust.mchp.siemens.de [139.23.201.17]) by mail1.siemens.de (8.11.6/8.11.6) with ESMTP id fBCL7h910993; Wed, 12 Dec 2001 22:07:43 +0100 (MET) Received: from reims.mchp.siemens.de (alaska [139.23.202.134]) by mars.cert.siemens.de (8.12.1/8.12.1/Siemens CERT [ $Revision: 1.18 ]) with ESMTP id fBCL7hn8005674; Wed, 12 Dec 2001 22:07:43 +0100 (CET) Received: from reims.mchp.siemens.de (localhost [127.0.0.1]) by reims.mchp.siemens.de (8.12.1/8.12.1/alaska [ $Revision: 1.10 ]) with ESMTP id fBCL7hIi049913; Wed, 12 Dec 2001 22:07:43 +0100 (CET) Received: (from ust@localhost) by reims.mchp.siemens.de (8.12.1/8.12.1/alaska [ $Revision: 1.2 ]) id fBCL7hFr049912; Wed, 12 Dec 2001 22:07:43 +0100 (CET) Date: Wed, 12 Dec 2001 22:07:43 +0100 From: Udo Schweigert To: Daniel Leal Cc: freebsd-security@FreeBSD.ORG Subject: Re: IP Filter: already initialized Message-ID: <20011212210743.GA48220@alaska.cert.siemens.de> References: <1008190792.3c17c5484856b@mail.webvolution.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1008190792.3c17c5484856b@mail.webvolution.net> User-Agent: Mutt/1.3.24i X-Operating-System: FreeBSD 4.4-STABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Dec 12, 2001 at 20:59:52 +0000, Daniel Leal wrote: > Hi! > I am tring to learn something about security and i was trainning with > a very nice tutorial from Marty Schlacter. > But when I finished, I reboot and during boot I noticed the follwing messages: > ... > Doing initial network setup: > hostname > ipfilter > IP Filter: already initialized > IP FIlter: already initialized > ipmon > ... > > Am I "starting" ipfilter twice? > My rc.conf has the follwing lines: > ipfilter_enable="YES" > ipmon_enable="YES" > > And my kernel file has the ipfilter option: > options IPFILTER > > > It doesn't matter? If it does, what is the problem? > I'm a security beginner and i am a "litle bit" confused with this... > > Can someone help me? > From /etc/defaults/rc.conf: ipfilter_flags="-E" # should be *empty* when ipf is _not_ a module # (i.e. compiled into the kernel) to # avoid a warning about "already initialized" So: setting ipfilter_flags="" in your /etc/rc.conf will fix the problem. Best regards -- Udo Schweigert, Siemens AG | Voice : +49 89 636 42170 CT IC 3, Siemens CERT | Fax : +49 89 636 41166 D-81730 Muenchen / Germany | email : udo.schweigert@siemens.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message