5.3 & ipfilter

David Syphers dsyphers at u.washington.edu
Tue Sep 7 17:38:13 PDT 2004

On Tuesday 07 September 2004 05:03 pm, fbsd_user wrote:
> Is there still a loadable module that gets auto loaded at boot time
> when rc.conf contains the ipfilter_enable="YES" statement like in
> 4.10?

ipfilter_enable is still an option in rc.conf.

> Will the final stable version still need kernel option PFIL_HOOKS
> added to the other ipfilter kernel options to compile ipfilter into
> the kernel like in the 5.2 and 5.2.1 development versions or will
> 5.3 return to the way 4.10 worked (IE no PFIL_HOOKS option needed)?

I'm not sure, but 5.3-BETA3 does require PFIL_HOOKS. The change made to 
-CURRENT to always include PFIL_HOOKS (and thus remove it as a kernel option) 
was made after RELENG_5 was branched, and the commit log doesn't mention 
merging that change to RELENG_5.


