From owner-freebsd-bugs Wed Mar 14 11:50:11 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 1655C37B718 for ; Wed, 14 Mar 2001 11:50:02 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f2EJo2355003; Wed, 14 Mar 2001 11:50:02 -0800 (PST) (envelope-from gnats) Received: from habanero.fnal.gov (habanero.fnal.gov [131.225.121.127]) by hub.freebsd.org (Postfix) with ESMTP id 9735E37B718 for ; Wed, 14 Mar 2001 11:46:53 -0800 (PST) (envelope-from tez@habanero.fnal.gov) Received: (from tez@localhost) by habanero.fnal.gov (8.11.3/8.11.3) id f2EJlAR08005; Wed, 14 Mar 2001 13:47:10 -0600 (CST) (envelope-from tez) Message-Id: <200103141947.f2EJlAR08005@habanero.fnal.gov> Date: Wed, 14 Mar 2001 13:47:10 -0600 (CST) From: zingelman@fnal.gov Reply-To: zingelman@fnal.gov To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: conf/25809: /etc/default/rc.conf bad default ipfilter_flags Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 25809 >Category: conf >Synopsis: /etc/default/rc.conf bad default ipfilter_flags >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Mar 14 11:50:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Tim Zingelman >Release: FreeBSD 4.3-BETA i386 >Organization: Fermilab >Environment: System: FreeBSD habanero.fnal.gov 4.3-BETA FreeBSD 4.3-BETA #1: Tue Mar 13 20:20:50 CST 2001 toor@habanero.fnal.gov:/usr/obj/usr/src/sys/GENERIC i386 >Description: ipfilter kernel module no longer requires -E argument to /sbin/ipf command at system startup time. Using it results in "SIOCFRENB: Invalid argument" message on system console. ipfilter still works as expected. >How-To-Repeat: Add to /boot/loader.conf: ipl_load="YES" Add to /etc/rc.conf: ipfilter_enable="YES" Create valid /etc/ipf.rules Reboot & look at console output or log >Fix: --- /etc/defaults/rc.conf Tue Mar 13 20:29:35 2001 +++ /etc/defaults/rc.conf.new Wed Mar 14 13:33:12 2001 @@ -62,9 +62,7 @@ # see /etc/rc.network (pass1) for details ipfilter_rules="/etc/ipf.rules" # rules definition file for ipfilter, see # /usr/src/contrib/ipfilter/rules for examples -ipfilter_flags="-E" # should be *empty* when ipf is _not_ a module - # (i.e. compiled into the kernel) to - # avoid a warning about "already initialized" +ipfilter_flags="" # Flags to ipfilter (if enabled). ipnat_enable="NO" # Set to YES for ipnat; needs ipfilter, too! ipnat_program="/sbin/ipnat -CF -f" # program and how to specify rules file ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat ##end-pr## >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message