From owner-freebsd-questions@freebsd.org  Thu Jul  7 00:31:39 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 11E76B75CF2
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Thu,  7 Jul 2016 00:31:39 +0000 (UTC)
 (envelope-from FreeBSD@shaneware.biz)
Received: from ipmail05.adl6.internode.on.net (ipmail05.adl6.internode.on.net
 [150.101.137.143])
 by mx1.freebsd.org (Postfix) with ESMTP id 9A5A41B1C
 for <FreeBSD-questions@freebsd.org>; Thu,  7 Jul 2016 00:31:38 +0000 (UTC)
 (envelope-from FreeBSD@shaneware.biz)
Received: from ppp14-2-37-105.lns21.adl2.internode.on.net (HELO leader.local)
 ([14.2.37.105])
 by ipmail05.adl6.internode.on.net with ESMTP; 07 Jul 2016 09:56:05 +0930
Subject: Re: where can kernel firewall options be found?
To: Ernie Luzar <luzar722@gmail.com>
References: <577CFC68.6060608@gmail.com>
 <20160706152201.7c54e5b6.freebsd@edvax.de>
Cc: Freebsd Questions <FreeBSD-questions@freebsd.org>
From: Shane Ambler <FreeBSD@ShaneWare.Biz>
Message-ID: <577DA19B.2040705@ShaneWare.Biz>
Date: Thu, 7 Jul 2016 09:56:03 +0930
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101
 Thunderbird/38.7.1
MIME-Version: 1.0
In-Reply-To: <20160706152201.7c54e5b6.freebsd@edvax.de>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jul 2016 00:31:39 -0000

On 06/07/2016 22:52, Polytropon wrote:
> On Wed, 06 Jul 2016 08:41:12 -0400, Ernie Luzar wrote:
>> I want to compile ipfilter into the kernel. Where do I find the option
>> statements?

According to the handbook page for ipfilter, it is available with the
generic kernel, meaning you don't need to build a custom kernel to use it.

https://www.freebsd.org/doc/en/books/handbook/firewalls-ipf.html

You can disable building ipfilter by adding WITHOUT_IPFILTER to
/etc/src.conf before building your system.

> They are listed in /usr/src/sys/conf/NOTES:
>
> options 	IPFILTER		#ipfilter support
> options 	IPFILTER_LOG		#ipfilter logging
> options 	IPFILTER_LOOKUP		#ipfilter pools
> options 	IPFILTER_DEFAULT_BLOCK	#block all packets by default
>

In case your not sure what to do with those options the handbook
explains how to build a custom kernel.

https://www.freebsd.org/doc/en/books/handbook/kernelconfig-config.html

-- 
FreeBSD - the place to B...Software Developing

Shane Ambler