need help getting around kern/70401 so I can load ipl.ko
(SOLVED)
Andy Firman
andy at firman.us
Tue Mar 15 11:53:50 PST 2005
On Mon, Mar 14, 2005 at 02:45:04PM -0500, Andy Firman wrote:
> I have not been able to get ipfilter working on a system and
> it is because I don't have INET6 in my custom kernel, and therefore
> the system cannot load the ipl.ko module. Here is the issue:
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=70401
>
Found a solution to my problem. One must add an entry to /etc/make.conf
and then you can rebuild the module, load it, and get the firewall going
with no reboot. Below is a summary of doing this with my TEST kernel
having the INET6 option commented out.
-------------------------------------------------------------------------
su-3.00# kldload -v ipl
kldload: can't load ipl.ko: No such file or directory
su-3.00# uname -a
FreeBSD localhost 5.3-STABLE FreeBSD 5.3-STABLE #0: Mon Mar 14 16:08:45 EST 2005
andy at localhost:/usr/obj/usr/src/sys/TEST i386
must add NOINET6=YES to /etc/make.conf before you make the new module.....
su-3.00# cd /usr/src/sys/modules/ipfilter/
su-3.00# make
su-3.00# make install
su-3.00# kldload -v ipl
Nothing returned to therefore loaded properly...!!!!!
su-3.00# kldstat
Id Refs Address Size Name
1 6 0xc0400000 59f308 kernel
2 1 0xc15fb000 17000 linux.ko
3 1 0xc1670000 16000 ipl.ko
su-3.00# ipfstat -in
empty list for ipfilter(in)
su-3.00# ipfstat -on
empty list for ipfilter(out)
su-3.00# ipf -Fa -f /etc/ipf.rules
This locks up your session. Must login again and start new session.....
Success upon new login in which the rules are working!!!
More information about the freebsd-questions
mailing list