IP Filter changes in FreeBSD
Kris Kennaway
kris at obsecurity.org
Sun Feb 6 23:13:57 PST 2005
On Mon, Feb 07, 2005 at 12:24:09AM -0500, Jim Arnold wrote:
> I updated my firewall that is using IPF. I went from FreeBSD 4.7
> stable to 4.11 stable. When using 4.7 stable I only had this is my
> rc.conf file:
>
> ipfilter_enable="YES"
> ipfilter_program="/sbin/ipf"
> ipfilter_rules="/etc/ipf.conf"
> ipfilter_flags=""
>
> When I went to 4.11 stable I had to uncomment these options in my
> kernel config file:
>
> options IPFILTER
> options IPFILTER_LOG
>
> I'm just curious why it worked without the above options in my kernel
> for 4.7 and I had to have them in 4.11?
If you don't have it in your kernel, the module will be loaded at boot
time if it's available. If you don't have the module either, you
can't use ipfilter.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050206/0f02e20c/attachment.bin
More information about the freebsd-questions
mailing list