From owner-freebsd-current Fri Jan 9 18:20:09 1998 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id SAA09729 for current-outgoing; Fri, 9 Jan 1998 18:20:09 -0800 (PST) (envelope-from owner-freebsd-current) Received: from goliath.camtech.com.au (goliath.camtech.net.au [203.5.73.2]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id SAA09628 for ; Fri, 9 Jan 1998 18:19:47 -0800 (PST) (envelope-from thyerm@camtech.net.au) Received: from camtech.net.au (dialup-ad-3-12.camtech.net.au [203.28.0.108]) by goliath.camtech.com.au (8.8.5/8.8.2) with ESMTP id MAA16811; Sat, 10 Jan 1998 12:47:23 +1030 (CST) Message-ID: <34B6DA80.C402491@camtech.net.au> Date: Sat, 10 Jan 1998 12:48:40 +1030 From: Matthew Thyer X-Mailer: Mozilla 4.04 [en] (Win95; I) MIME-Version: 1.0 To: Hostas Red CC: Studded , current@FreeBSD.ORG Subject: Re: Firewall in kernel? References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk I also have this error. It started after I built a kernel at ctm-src-cur delta # 3200. Note that I also built the world after booting the kernel. I made no changes to my kernel config file (as LINT did not have anything new that I wanted). It is caused by a program in rc.network which trys to detect if the firewall code is compiled into the kernel. This program fails in some way and returns an error code in the 60's (I cant remember as I'm having to use Win95 right now) but the script only expects 0 or 1 as a return code so it mistakenly thinks the firewall is in the kernel. I tried compiling in firewall support (with the default to fully open) but this did not get rid of the error message. I think the program still fails unexpectedly. Why has no one else complained about this ?? I assume you have all passed ctm-src-cur #3200 faily quickly dues to John Dysons changes. I will send kernel config file, and more details on which program fails. Why also does iijppp not work now ?? Maybe because of the firewall error. I tried changing my ppp.linkup for the new syntax for the "add" command (as seen in the lists). I note that the samples still have old syntax. More details will be forthcoming soon. Hostas Red wrote: > > Hi! > > On Thu, 8 Jan 1998, Studded wrote: > > > > Since some time, my system tells me on boot, that "Warning: kernel has > > > firewall functionality, but firewall rules are not enabled. All ip > > > services are disabled." > > Looks like you compiled the firewall into your kernel without enabling > > the loading of the script in /etc/rc.conf. If you are going to compile > > firewall stuff into your kernel, I *highly* recommend using the default > > to accept rule option at least till you get to know things better. > > But i'm completely not going to enable firewall, and i have no stuff about > firewall in kernel config file. This message appeared after one of kernel > compiles. > > Adios, > /KONG