Date: Mon, 7 Feb 2005 11:08:54 -0500 From: Jim Arnold <jim0266@yahoo.com> To: "Kris Kennaway" <kris@obsecurity.org> Cc: freebsd-questions@freebsd.org Subject: Re: IP Filter changes in FreeBSD Message-ID: <a06200700be2d420a985b@[192.168.0.3]> In-Reply-To: <20050207071352.GA4807@xor.obsecurity.org> References: <a06210207be2caabf7209@[192.168.0.4]><20050207071352.GA4807@xor. obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>On Mon, Feb 07, 2005 at 12:24:09AM -0500, Jim Arnold wrote: >> I updated my firewall that is using IPF. I went from FreeBSD 4.7 >> stable to 4.11 stable. When using 4.7 stable I only had this is my >> rc.conf file: >> >> ipfilter_enable="YES" >> ipfilter_program="/sbin/ipf" >> ipfilter_rules="/etc/ipf.conf" >> ipfilter_flags="" >> >> When I went to 4.11 stable I had to uncomment these options in my >> kernel config file: >> >> options IPFILTER >> options IPFILTER_LOG >> >> I'm just curious why it worked without the above options in my kernel >> for 4.7 and I had to have them in 4.11? > >If you don't have it in your kernel, the module will be loaded at boot >time if it's available. If you don't have the module either, you >can't use ipfilter. I must have been using the module with 4.7 stable since I did not have that in the kernel I was running with 4.7. After I upgraded to 4.11 and IPF was not working I edited my kernel config file to uncomment the lines for IPF and then compiled the new kernel. I still don't have an answer why this happened. Was the module taken out of 4.11 or an earlier version on FreeBSD? I'm just curious as a learning experience what went on in my situation. Thanks, Jim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a06200700be2d420a985b>