Date: Mon, 13 Sep 2004 02:59:44 +0200 From: Max Laier <max@love2party.net> To: freebsd-current@freebsd.org Cc: "Thomas T. Veldhouse" <veldy@veldy.net> Subject: Re: PF and FreeBSD 5.x? Message-ID: <200409130259.53355.max@love2party.net> In-Reply-To: <4144EB8E.1080407@veldy.net> References: <4144EB8E.1080407@veldy.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Monday 13 September 2004 02:36, Thomas T. Veldhouse wrote: > I noticed the existance of the /etc/pf.conf and /etc/pf.os. The file > pf.conf makes reference to /usr/share/pf, which does not exist. Further > looking through LINT, there does not appear to be a way to enable PF as > opposed to IPFILTER or IPFIREWALL. So, is PF to be available for > 5.3-RELEASE? If so, how can I expect to use this under the current > 5.3-BETA4? You can build pf into your kernel by putting: device pf device pflog device pfsync into your KERNCONF. The latter two are optional. Alternatively you can use the loadable module. In any case you can enable pf by setting: pf_enable="YES" in /etc/rc.conf. For additional tweaks see the rc.conf(5) manpage. And yes, this is supposed to work in BETA4 "out-of-the-box". The missing share/pf is a shortcoming that should be addressed. Maybe /etc/pf.conf should even be removed in order to avoid mergemaster (or the like) running over a good pf.conf. Can you submit the share/pf issue as a PR so that I keep track of it, please? -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQBBRPEJXyyEoT62BG0RAigrAJ45HXPQ+OZD4agKFtt/RJzgcN5FEACeICXI GzQ4qZIiBqDNtnxXypfJJQE= =RHTE -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200409130259.53355.max>