HEADS UP: pf linked to the build/install now
Max Laier
max at love2party.net
Mon Mar 8 17:12:31 PST 2004
Hello,
as you may have seen pf is now linked to the build and can be installed from
the base system. Make sure to run `mergemaster -p' before the installworld
as it requires two additional user accounts/groups.
If you do not want to build/install pf you can use the NO_PF knob in
/etc/make.conf
For the moment you will have troubles with pflog and tcpdump as we are
waiting for a vendor branch update of tcpdump/libpcap.
To build a kernel that supports pf you have to add at least:
options PFIL_HOOKS
device pf
to the GENERIC kernel configuration. Optional you can use:
device pflog
device pfsync
to build-in logging and syncing. Note that it is currently not possible to
pull in these in as a module right now. However it is possible to use pf as
a module. To do this you must add the following to GENERIC:
options PFIL_HOOKS
options RANDOM_IP_ID
already existing in GENERIC, but also required by pf as a module:
options INET
options INET6
device bpf
These requirements can be tweaked by editing the modules/pf* Makefiles.
I hope you have fun with pf and can make good use of it. Report problems,
errors and questions to me or the pf-mailing-list pf4freebsd at freelists.org
(see http://pf4freebsd.love2party.net/ for details) I'd try to avoid
flooding -net or -current with pf related questions. There might be a
freebsd-pf mailing-list some time soon.
--
Best regards, | mlaier at freebsd.org
Max Laier | ICQ #67774661
http://pf4freebsd.love2party.net/ | mlaier at EFnet
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20040309/c0e9319c/attachment.bin
More information about the freebsd-net
mailing list