Date: Tue, 02 Dec 1997 12:36:01 -0800 From: Studded <Studded@dal.net> To: Dan Jacobowitz <drow@chwest.org> Cc: freebsd-stable@freebsd.org Subject: Re: ipfw between kernel versions Message-ID: <34847131.F91E29D8@dal.net> References: <Pine.BSF.3.95LJ1.1b3.971202112549.14008A-100000@mars.wexpress.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dan Jacobowitz wrote: > > I just attempted to upgrade a 2.2.2 machine to 2.2.5 kernel, and I ran > into a little problem. As near as I have been able to tell, the ipfw > ioctl's changed between the two, causing ipfw to fail and not put in place > the allow all rules needed to counter the default policy - thus no > network. > > Is my interpretation of this correct? Yes. > Should I just install 2.2.5 ipfw? No. > (I'm going to make installworld after I get the kernel in, but based on > past experience I want to do those two seperately.) > > Will the 2.2.5 ipfw work with a 2.2.2 kernel at all? No. I'm not sure what past experience you've had, but everything I've ever read, in addition to vast experience indicates that your best course of action is to make the world, build and install a new kernel, then reboot. In fact, due to the changes in ipfw I highly recommend doing make -DCLOBBER world (in addition to whatever you usually use, -DNOPROFILE is common) because it's possible that the old include files are causing problems during make world to 2.2.5. Another point of possible interest, Alex was kind enough to import the option to make the default ipfw rule "allow" instead of "deny" from -Current, which sounds like it might help you. See LINT for the details. Good luck, Doug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?34847131.F91E29D8>