From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 03:38:28 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id 0CA7E16A4D0; Thu, 16 Sep 2004 03:38:28 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 4580 invoked by uid 1005); 3 May 2003 19:47:39 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 4577 invoked from network); 3 May 2003 19:47:39 -0000 Received: from moutng.kundenserver.de (212.227.126.186) by pd9530e9a.dip.t-dialin.net with SMTP; 3 May 2003 19:47:39 -0000 Received: from [212.227.126.153] (helo=mxng02.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 19C3ub-0000HC-00 for max@vampire.homelinux.org; Sat, 03 May 2003 22:47:13 +0200 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng02.kundenserver.de with esmtp (Exim 3.35 #1) id 19C3uY-0004PJ-00 for max@love2party.net; Sat, 03 May 2003 22:47:11 +0200 Received: from turing.(none) (localhost [127.0.0.1])ESMTP id 1FFBC3904DD; Sat, 3 May 2003 15:41:31 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Sat, 03 May 2003 15:41:30 -0500 (EST) Delivered-To: pf4freebsd@freelists.org Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.185])ESMTP id D331539015C for ; Sat, 3 May 2003 15:41:29 -0500 (EST) Received: from [212.227.126.161] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 19C3uV-0007R1-00 for pf4freebsd@freelists.org; Sat, 03 May 2003 22:47:07 +0200 Received: from [217.83.14.154] (helo=max900) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 19C3uU-0004nn-00 for pf4freebsd@freelists.org; Sat, 03 May 2003 22:47:06 +0200 Message-ID: <00a001c311b5$a700dbf0$01000001@max900> From: "Max Laier" To: References: <00a401c31171$7ec2d420$01000001@max900> <3EB42293.3060809@kasimir.com> MIME-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-archive-position: 7 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: max@love2party.net Precedence: normal X-list: pf4freebsd X-UID: 38 X-Length: 4873 X-Mailman-Approved-At: Thu, 16 Sep 2004 03:55:51 +0000 Subject: [pf4freebsd] Re: Version 0.63 released X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 03:38:28 -0000 X-Original-Date: Sat, 3 May 2003 22:50:37 +0200 X-List-Received-Date: Thu, 16 Sep 2004 03:38:28 -0000 > Hi everyone, > > i made a port for this today. Since this is a first shot and i've never > made a port ever before so any suggestions are welcome. > > If you build the port with "make install WITH_ALTQ=yes" it should build > with ALTQ support. I have not been able to test it since i only have a > -CURRENT system. So if anyone could test and give me some feedback. > > The port is available at http://flds.dyndns.org/pf.tar.gz . Just extract > the file in /usr/ports/security/ goto /usr/ports/security/pf/ and > install it like any other port. > > I haven't included any stop/start scrips nor a pf.conf yet. Should we > add the default OpenBSD pf.conf ? > > > flo Great! Thanks for your effort! There are some issues that need to be addressed though: 1) A port should imho not install everything. authpf and spamd should go into a seperate port. Authpf because of setuid() which might scare away some users and spamd because it's not really in realtion with pf and rather standalone. 2) ftp-proxy, spamd and authpf need special users. These need to be created by a pkg-install script. 3) boot up script, pf.conf.sample and sample entry to inetd.conf as well as required entries in etc/services should be inculded. 4) installing the modules to boot/kernel is not what one would really want. boot/modules or usr/local/somewhere would be the better choice. That can be achived by setting MAKE_ARGS= KMODDIR="whatsoever" I have a port that does that, but it is build apon our (yet internal) 1.0-RC with modified Makefiles which make portbuilding somewhat easier. You can grap a copy of it (with an allready _outdated_ tarball of version 1.0) from http://pf4freebsd.love2party.net/sampleport.tar.gz to see what the Makefiles will be like in the end and what I have in mind. It's my first port as well, so don't exspect too much. There are some things that need to be addressed with my port as well. For example user proxy (for ftp-proxy) is created in group bin while it should rather create it's own group. I was exspecting to get that stuff done some days ago, but didn't find the time :( If you have much time at hand, check out the port and tell me what you think. I hope we can release 1.0 soon and build a port of it. Thanks for your work! Max