kernel secure level??
Alexander Mogilny
amogilny at gmail.com
Mon Jul 10 07:22:26 UTC 2006
On 7/9/06, Umar Draz <sync_mastar at yahoo.com> wrote:
> hi dear members!!
>
> i have FreeBSD 6.1 machine I configure
>
> kern_securelevel_enable="YES"
> kern_securelevel="2"
>
> When i update my ipfilter or ipnat rules i got this error.
>
> ioctl(SIOCIPFFL): Operation not permitted
> 2:ioctl(add/insert rule): Operation not permitted
> 3:ioctl(add/insert rule): Operation not permitted
> 5:ioctl(add/insert rule): Operation not permitted
> 6:ioctl(add/insert rule): Operation not permitted
> 7:ioctl(add/insert rule): Operation not permitted
> 1:ioctl(add/insert rule): Operation not permitted
> ioctl(SIOCIPFL6): Operation not permitted
>
> Please help me what should i do to update ipfilter and ipnat rules within kern_securelevel
>
You should first decrease securelevel by changing kern.securelevel
sysctl value. This can be achieved by following command:
sysctl kern.securelevel=-1
Then you may change your ipfilter configuration and set your
securelevel to previous value:
sysctl kern.securelevel=2
For more information on securelevel options refer to init (8) manual page.
--
AIM-UANIC +-----[ FreeBSD ]-----+
Alexander Mogilny | The Power to Serve! |
<> sg at portaone.com +---------------------+
More information about the freebsd-i386
mailing list