From owner-freebsd-questions  Sun Dec 21 21:36:53 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id VAA29064
          for questions-outgoing; Sun, 21 Dec 1997 21:36:53 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from zippy.dyn.ml.org (garbanzo@haiti-71.ppp.hooked.net [206.169.228.71])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id VAA29059
          for <freebsd-questions@FreeBSD.ORG>; Sun, 21 Dec 1997 21:36:49 -0800 (PST)
          (envelope-from garbanzo@hooked.net)
Received: from localhost (garbanzo@localhost)
	by zippy.dyn.ml.org (8.8.8/8.8.7) with SMTP id VAA19334;
	Sun, 21 Dec 1997 21:38:06 -0800 (PST)
X-Authentication-Warning: zippy.dyn.ml.org: garbanzo owned process doing -bs
Date: Sun, 21 Dec 1997 21:38:06 -0800 (PST)
From: Alex <garbanzo@hooked.net>
X-Sender: garbanzo@zippy.dyn.ml.org
To: Keith Jackson <kjackson@lsuc.on.ca>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: ISC  DHCP  server (beta5.16)  and Berkeley Packet Filter
In-Reply-To: <349DE08B.5149@lsuc.on.ca>
Message-ID: <Pine.BSF.3.96.971221213446.19119C-100000@zippy.dyn.ml.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk



On Sun, 21 Dec 1997, Keith Jackson wrote:

> I have since discovered this is referring to something called the
> Berkeley Packet Filter. I must assume this is not enabled by default on
> FreeBSD systems and that I must add this device to the kernel?

Yes.

> It also seems to indicate that I must use the Berkeley Packet Filter
> if I wish to use the ISC DHCP daemon. Is this correct? If so, do all

Yes.

> DHCP daemons require this to be enabled. I understand there is a

I wouldn't know, if there are any other DHCP daemons available, if there
are, check them out.

> security risk to turning on the Berkeley Packet Filtering.

I wouldn't think it's a huge security risk, more of a liability risk,
because you can snoop on all the data going over a network device, which
means you may come across something you shouldn't, etc.. etc...

> If I include a pseudo-device line in our kernel config file and
> rebuild the kernel, will this be sufficient to enable BPF?

you'll need to also do
cd /dev
./MAKEDEV bpf0

for one device, and ./MAKEDEV bpf1, etc for each extra bpf you plan to
use/add.

> There is an example of such a line in the LINT file in
> /usr/src/sys/i386/conf.

Finally, someone who reads the "source"!

- alex