Date: Thu, 13 Dec 2018 01:02:32 +0100 From: Goran =?utf-8?B?TWVracSH?= <meka@tilda.center> To: freebsd-pf@freebsd.org Subject: VNET jails and PF service Message-ID: <20181213000232.vk4qoapuqyqly2jx@thinker.home.meka.rs>
next in thread | raw e-mail | index | archive | help
--fjdo62hkmit72vr5 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Hello, I can't start PF as service from vnet jail. I have devfs rule to unhide bpf (for dhclient) and pf that the jail is using. I can run "pfctl -e -f /etc/pf.conf" but "service pf start" fails with: kldload: can't load pf: Operation not permitted /etc/rc.d/pf: WARNING: Unable to load kernel module pf That's expected given https://svnweb.freebsd.org/base/releng/12.0/libexec/rc/rc.d/pf?view=markup#l25 in the rc file. What is the proper way to enable PF in VNET jail? Regards, meka --fjdo62hkmit72vr5 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAlwRoZUACgkQWj1Tknov rLZqcA/+I3CYPBnOrH7FTAfcRi6/E8JYUojzB02dRTgA5XgWTzM40MgLz+OhO6qo qnyNd2Omz/AEHHsnIewuW6qgjcMfdxzk6aStX6ZTF0NKiWthrM7dMAFyJN3GMA2Q x9f653MR8sBMdlmVCtBhE/arXdFQNHthOQJokps5tuBv891AFU1A2g4Fr4jUHB1u rcrjZ/qN1naB3/z2CQbMGLb93nndiNo4QD9ufR69G8bB6A/ejX0Cx4Xc1UipGIOb jxLrYyA0AkHdkpsHxRGJboRWKuNHalnHq8PzishzjFYPw6/e8Eslr/VDMALYLWN3 AVVS2+4KrqbyN6iVeEfEsfLBIROt3CONA4KyfsOQ2pUcVP5krlYV9Uh0hEDrU5U5 E4j8cMqk6aYhWgRU0zrmYkftTE5btisRN7GL0gzAYDkEe4eDuB6f5tGlFtEbqpCO NR3B80XU+0QAusW/HJXlCAw30QICo7irwqiEagy+WxdAC/zscRYWXRltBHgZAnfE UBndQSa5BLQvF272O2+6IuDPbudRlVGRHV3tyXgZrjTx/fK0NRBzxrYh2uDdr5qb JtAOgukVFSofUtcZTFOoGHUAQK1ODAr29vijM2aTIIw5ZVijZdkiP+UDzAriFYFg VGhZzMjWuYO5MjmCXYCJRW67KTfOkxqvwOtQIP2tXGlayZBcOuU= =jazT -----END PGP SIGNATURE----- --fjdo62hkmit72vr5--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181213000232.vk4qoapuqyqly2jx>