IP Filter changes in FreeBSD
Jim Arnold
jim0266 at yahoo.com
Mon Feb 7 08:09:08 PST 2005
>On Mon, Feb 07, 2005 at 12:24:09AM -0500, Jim Arnold wrote:
>> I updated my firewall that is using IPF. I went from FreeBSD 4.7
>> stable to 4.11 stable. When using 4.7 stable I only had this is my
>> rc.conf file:
>>
>> ipfilter_enable="YES"
>> ipfilter_program="/sbin/ipf"
>> ipfilter_rules="/etc/ipf.conf"
>> ipfilter_flags=""
>>
>> When I went to 4.11 stable I had to uncomment these options in my
>> kernel config file:
>>
>> options IPFILTER
>> options IPFILTER_LOG
>>
>> I'm just curious why it worked without the above options in my kernel
>> for 4.7 and I had to have them in 4.11?
>
>If you don't have it in your kernel, the module will be loaded at boot
>time if it's available. If you don't have the module either, you
>can't use ipfilter.
I must have been using the module with 4.7 stable since I did not
have that in the kernel I was running with 4.7. After I upgraded to
4.11 and IPF was not working I edited my kernel config file to
uncomment the lines for IPF and then compiled the new kernel. I still
don't have an answer why this happened.
Was the module taken out of 4.11 or an earlier version on FreeBSD?
I'm just curious as a learning experience what went on in my
situation.
Thanks,
Jim
More information about the freebsd-questions
mailing list