Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 14 Mar 2001 13:47:10 -0600 (CST)
From:      zingelman@fnal.gov
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   conf/25809: /etc/default/rc.conf bad default ipfilter_flags
Message-ID:  <200103141947.f2EJlAR08005@habanero.fnal.gov>
next in thread | raw e-mail | index | archive | help 

>Number:         25809
>Category:       conf
>Synopsis:       /etc/default/rc.conf bad default ipfilter_flags
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 14 11:50:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Tim Zingelman
>Release:        FreeBSD 4.3-BETA i386
>Organization:
Fermilab
>Environment:
System: FreeBSD habanero.fnal.gov 4.3-BETA FreeBSD 4.3-BETA #1: Tue Mar 13 20:20:50 CST 2001 toor@habanero.fnal.gov:/usr/obj/usr/src/sys/GENERIC i386

>Description:
ipfilter kernel module no longer requires -E argument to /sbin/ipf command
at system startup time.  Using it results in "SIOCFRENB: Invalid argument"
message on system console.  ipfilter still works as expected.

>How-To-Repeat:
Add to /boot/loader.conf: ipl_load="YES"
Add to /etc/rc.conf: ipfilter_enable="YES"
Create valid /etc/ipf.rules
Reboot & look at console output or log

>Fix:

--- /etc/defaults/rc.conf	Tue Mar 13 20:29:35 2001
+++ /etc/defaults/rc.conf.new	Wed Mar 14 13:33:12 2001
@@ -62,9 +62,7 @@
 				# see /etc/rc.network (pass1) for details
 ipfilter_rules="/etc/ipf.rules"	# rules definition file for ipfilter, see
 				# /usr/src/contrib/ipfilter/rules for examples
-ipfilter_flags="-E"		# should be *empty* when ipf is _not_ a module
-				# (i.e. compiled into the kernel) to
-				# avoid a warning about "already initialized"
+ipfilter_flags=""		# Flags to ipfilter (if enabled).
 ipnat_enable="NO"		# Set to YES for ipnat; needs ipfilter, too!
 ipnat_program="/sbin/ipnat -CF -f" # program and how to specify rules file
 ipnat_rules="/etc/ipnat.rules"	# rules definition file for ipnat

##end-pr##
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103141947.f2EJlAR08005>