From owner-freebsd-questions@FreeBSD.ORG Sun Apr 28 11:54:06 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 27B542D4 for ; Sun, 28 Apr 2013 11:54:06 +0000 (UTC) (envelope-from fbsd8@a1poweruser.com) Received: from mail-03.name-services.com (mail-03.name-services.com [69.64.155.195]) by mx1.freebsd.org (Postfix) with ESMTP id 1803B1247 for ; Sun, 28 Apr 2013 11:54:05 +0000 (UTC) Received: from [10.0.10.1] ([173.88.202.176]) by mail-03.name-services.com with Microsoft SMTPSVC(6.0.3790.4675); Sun, 28 Apr 2013 04:54:06 -0700 Message-ID: <517D0DDF.2080603@a1poweruser.com> Date: Sun, 28 Apr 2013 07:54:07 -0400 From: Joe User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: Andreas Mueller Subject: Re: loading ipfw at boot time References: <517C7A2E.5040807@a1poweruser.com> <517C7BCB.1000708@meschnet.de> In-Reply-To: <517C7BCB.1000708@meschnet.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 28 Apr 2013 11:54:07.0020 (UTC) FILETIME=[165126C0:01CE4407] X-Sender: fbsd8@a1poweruser.com X-Authenticated-Sender: fbsd8@a1poweruser.com X-EchoSenderHash: [fbsd8]-[a1poweruser*com] Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Apr 2013 11:54:06 -0000 Andreas Mueller wrote: > Hello there. > >> I know ipfw can be loaded at boot time by adding statements to >> /boot/loader.conf. >> >> Problem is I dont know what the ipfw module names are. >> >> How do I find the ipfw names to use? > > Not using ipfw by myself, but according to the handbook, the modules are > loaded automatically, when editing rc.conf to load the firewall: > > Quote: > ------------------------------------------------------------------------ > IPFW is included in the basic FreeBSD install as a run time loadable > module. The system will dynamically load the kernel module when rc.conf > contains the statement firewall_enable="YES". After rebooting the > system, the following white highlighted message is displayed on the > screen as part of the boot process: > > ipfw2 initialized, divert disabled, rule-based forwarding disabled, > default to deny, logging disabled > ------------------------------------------------------------------------ > Source: http://www.freebsd.org/doc/handbook/firewalls-ipfw.html > > Greets, > Andreas > That did not answer my question. What you wrote ONLY applies to the HOST. It has NO effect for a vimage jail. If I use ipfw on the host, then yes the ipfw modules are dynamically loaded into the kernel at boot time and the vimage jail can use them. But I use ipfilter on my host which means I have to recompile the kernel with ipfw hard coded in. Should be able to load the ipfw modules at boot time using loader.conf and still use ipfilter on the host dynamically. So back to the original question. How do I find the ipfw module names to use in the loader.conf file? This is a loader.conf question not a ipfw question. Thanks