Date: Wed, 11 Apr 2001 22:33:35 +0200 From: Arjan.deVet@adv.iae.nl (Arjan de Vet) To: l.ipfilter@rtci.com Cc: stable@freebsd.org Subject: Re: Broken rc.network for ipfilter w/ PR (was Re: How to install ipfilter..) Message-ID: <20010411223335.A1195@adv.devet.org> In-Reply-To: <20010408151025.A34209@rtci.com> References: <5.1.0.12.2.20010407230631.00a688c0@mail.vons.local>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <20010408151025.A34209@rtci.com> you write: >> I added the four commands above to /etc/rc.network instead of using >> FreeBSD's ipfilter support through rc.conf mechanism (it assumes that >> ipfilter is built into the kernel) > > There is a PR with a patch sitting on this rc.network fuckup > (oversight) that I'd really love to see committed for 4.3-RELEASE, > but who knows if that's possible with the given timeline. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=26275 > > I completely missed a previous PR on the same issue, but this one > has a patch that will work no matter where $ipfilter_program is set > to (hack), rather then hardcoding an ipfstat location. > > Patch also fixes it so that ipf.rules doesn't have to exist if your > just setting up a NAT. There's another issue that needs fixing: ipmon should be started before ipf. Arjan -- Arjan de Vet, Eindhoven, The Netherlands <Arjan.deVet@adv.iae.nl> URL: http://www.iae.nl/users/devet/ for PGP key: finger devet@iae.nl To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010411223335.A1195>