[Freebsd-net] PF installation on 5.2-RELEASE

[Remko Lodder]

from pkg-message which lives in /usr/ports/security/pf/

To use pf, please follow these steps:

1. Add kernel options into your kernel config file and recompile kernel:

device          bpf
options         PFIL_HOOKS
options         RANDOM_IP_ID

2. Please set the following variables in /etc/rc.conf according to your
needs:

pf_enable="Yes"
pf_logd="Yes"
pf_conf="%%PREFIX%%/etc/pf.conf"

3. Check %%PREFIX%%/etc/rc.d/pf.sh, it is the startup script for pf!

--> Makefile snippet

.if !defined(WITH_ALTQ) || (${WITH_ALTQ} != "yes")
pre-fetch:
 @${ECHO_MSG} "======================================================="
 @${ECHO_MSG} "* If you have ALTQ support from:                      *"
 @${ECHO_MSG} "*   http://www.nipsi.de/altq/index.html          or   *"
 @${ECHO_MSG} "*   http://www.rofug.ro/projects/freebsd-altq/        *"
 @${ECHO_MSG} "* You can define WITH_ALTQ=yes to make use of it      *"
 @${ECHO_MSG} "* Please define SYS_ALTQ to point to the patched src  *"
 @${ECHO_MSG} "*                                                     *"
 @${ECHO_MSG} "* e.g.: make WITH_ALTQ=yes SYS_ALTQ=/usr/src/sys.altq *"
 @${ECHO_MSG} "*                                                     *"
 @${ECHO_MSG} "======================================================="
 @sleep 2
.endif

/snip

Does that fill in the blanks? Cheers



--

Kind regards,

Remko Lodder
Elvandar.org/DSINet.org
www.mostly-harmless.nl Dutch community for helping newcomers on the
hackerscene

-----Oorspronkelijk bericht-----
Van: freebsd-net-bounces at lists.elvandar.org
[mailto:freebsd-net-bounces at lists.elvandar.org]Namens Art Mason
Verzonden: woensdag 21 januari 2004 16:13
Aan: freebsd-net at freebsd.org
Onderwerp: [Freebsd-net] PF installation on 5.2-RELEASE


Hello,

My sincerest apologies if this isn't the correct list to post this
question to, but I was wondering if anyone has any guidelines/procedures
to follow regarding the correct installation method for PF on FreeBSD
5.2-RELEASE.  I know of its existence in ports/security, but was
wondering if there are any additional kernel compilation options or
sysctl variables required to get it, along w/ ALTQ, up and running
properly on a fresh install.

Many thanks in advance,

--
Art Mason
Rackspace Managed Hosting
amason at rackspace.com

_______________________________________________
freebsd-net at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
_______________________________________________
Freebsd-net mailing list
Freebsd-net at lists.elvandar.org
http://lists.elvandar.org/mailman/listinfo/freebsd-net