VNET jails and PF service
Goran Mekić
meka at tilda.center
Thu Dec 13 00:02:42 UTC 2018
Hello,
I can't start PF as service from vnet jail. I have devfs rule to unhide
bpf (for dhclient) and pf that the jail is using. I can run "pfctl -e -f
/etc/pf.conf" but "service pf start" fails with:
kldload: can't load pf: Operation not permitted
/etc/rc.d/pf: WARNING: Unable to load kernel module pf
That's expected given https://svnweb.freebsd.org/base/releng/12.0/libexec/rc/rc.d/pf?view=markup#l25
in the rc file. What is the proper way to enable PF in VNET jail?
Regards,
meka
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20181213/9aacf688/attachment.sig>
More information about the freebsd-pf
mailing list