From owner-freebsd-questions@FreeBSD.ORG Tue Sep 7 21:17:05 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A660216A4CE for ; Tue, 7 Sep 2004 21:17:05 +0000 (GMT) Received: from smtp.mailbox.co.uk (smtp.mailbox.co.uk [195.82.125.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E2F843D2F for ; Tue, 7 Sep 2004 21:17:05 +0000 (GMT) (envelope-from waynep@smtp.penguinpowered.org) Received: from core.penguinpowered.org ([212.18.250.170] helo=smtp.penguinpowered.org) by smtp.mailbox.co.uk with esmtp (Exim 4.30) id 1C4nKq-0002DS-JA; Tue, 07 Sep 2004 22:17:04 +0100 Received: from waynep by smtp.penguinpowered.org with local (Exim 4.30; FreeBSD) id 1C4nGJ-0000Lz-3u; Tue, 07 Sep 2004 22:12:23 +0100 Date: Tue, 7 Sep 2004 22:12:23 +0100 From: Wayne Pascoe To: Remko Lodder Message-ID: <20040907211223.GA1326@marvin.penguinpowered.org> References: <20040907175149.GA29871@marvin.penguinpowered.org> <413DF8E6.9080700@elvandar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <413DF8E6.9080700@elvandar.org> User-Agent: Mutt/1.4.2.1i X-System: FreeBSD i386 with kernel 5.2.1-RELEASE-p9 Sender: Wayne Pascoe cc: freebsd-questions@freebsd.org Subject: Re: IP Filter on FreeBSD 5.2.1 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Sep 2004 21:17:05 -0000 On Tue, Sep 07, 2004 at 08:07:34PM +0200, Remko Lodder wrote: > I think you missed this option: > > options PFIL_HOOKS # pfil(9) framework > > in your kernel config file.. > > Try it and see it's magic ;) Thanks a bunch - that did the trick. I've checked the doc I used to do this, and it wasn't mentioned. I'll submit something to the maintainer tomorrow. Now I just have to find some useful sample rulesets. It's been about 18 months since I touched ipfilter, and things seem to have changed a little :) -- Wayne Pascoe (gpg --keyserver www.co.uk.pgp.net --recv-keys 79A7C870) If there's anything more important than my ego around, I want it caught and shot now!