From owner-freebsd-current@FreeBSD.ORG Mon Sep 13 01:01:09 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 887C116A4D5 for ; Mon, 13 Sep 2004 01:01:09 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3616643D31 for ; Mon, 13 Sep 2004 01:01:09 +0000 (GMT) (envelope-from max@love2party.net) Received: from [212.227.126.155] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1C6fDN-0006Pu-00; Mon, 13 Sep 2004 03:01:05 +0200 Received: from [84.128.134.217] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1C6fDN-00029a-00; Mon, 13 Sep 2004 03:01:05 +0200 From: Max Laier To: freebsd-current@freebsd.org Date: Mon, 13 Sep 2004 02:59:44 +0200 User-Agent: KMail/1.6.2 References: <4144EB8E.1080407@veldy.net> In-Reply-To: <4144EB8E.1080407@veldy.net> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_JEPRB4dEnIyuBGM"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200409130259.53355.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:61c499deaeeba3ba5be80f48ecc83056 cc: "Thomas T. Veldhouse" Subject: Re: PF and FreeBSD 5.x? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Sep 2004 01:01:09 -0000 --Boundary-02=_JEPRB4dEnIyuBGM Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Monday 13 September 2004 02:36, Thomas T. Veldhouse wrote: > I noticed the existance of the /etc/pf.conf and /etc/pf.os. The file > pf.conf makes reference to /usr/share/pf, which does not exist. Further > looking through LINT, there does not appear to be a way to enable PF as > opposed to IPFILTER or IPFIREWALL. So, is PF to be available for > 5.3-RELEASE? If so, how can I expect to use this under the current > 5.3-BETA4? You can build pf into your kernel by putting: device pf device pflog device pfsync into your KERNCONF. The latter two are optional. Alternatively you can use = the=20 loadable module. In any case you can enable pf by setting: pf_enable=3D"YES" in /etc/rc.conf. For additional tweaks see the rc.conf(5) manpage. And yes,= =20 this is supposed to work in BETA4 "out-of-the-box". The missing share/pf is a shortcoming that should be addressed.=20 Maybe /etc/pf.conf should even be removed in order to avoid mergemaster (or= =20 the like) running over a good pf.conf. Can you submit the share/pf issue as a PR so that I keep track of it, pleas= e? =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --Boundary-02=_JEPRB4dEnIyuBGM Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQBBRPEJXyyEoT62BG0RAigrAJ45HXPQ+OZD4agKFtt/RJzgcN5FEACeICXI GzQ4qZIiBqDNtnxXypfJJQE= =RHTE -----END PGP SIGNATURE----- --Boundary-02=_JEPRB4dEnIyuBGM--