Date: Sun, 21 Dec 1997 21:38:06 -0800 (PST) From: Alex <garbanzo@hooked.net> To: Keith Jackson <kjackson@lsuc.on.ca> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ISC DHCP server (beta5.16) and Berkeley Packet Filter Message-ID: <Pine.BSF.3.96.971221213446.19119C-100000@zippy.dyn.ml.org> In-Reply-To: <349DE08B.5149@lsuc.on.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 21 Dec 1997, Keith Jackson wrote: > I have since discovered this is referring to something called the > Berkeley Packet Filter. I must assume this is not enabled by default on > FreeBSD systems and that I must add this device to the kernel? Yes. > It also seems to indicate that I must use the Berkeley Packet Filter > if I wish to use the ISC DHCP daemon. Is this correct? If so, do all Yes. > DHCP daemons require this to be enabled. I understand there is a I wouldn't know, if there are any other DHCP daemons available, if there are, check them out. > security risk to turning on the Berkeley Packet Filtering. I wouldn't think it's a huge security risk, more of a liability risk, because you can snoop on all the data going over a network device, which means you may come across something you shouldn't, etc.. etc... > If I include a pseudo-device line in our kernel config file and > rebuild the kernel, will this be sufficient to enable BPF? you'll need to also do cd /dev ./MAKEDEV bpf0 for one device, and ./MAKEDEV bpf1, etc for each extra bpf you plan to use/add. > There is an example of such a line in the LINT file in > /usr/src/sys/i386/conf. Finally, someone who reads the "source"! - alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971221213446.19119C-100000>