On Apr 24, 2013, at 10:33 AM, Robison, Dave wrote: > On 04/24/2013 10:13, Joe wrote: >> Hello >> >> I am having a very difficult time getting pf firewall to start in a vimage >> jail on 9.1-RELEASE. >> >> Is this at all possible? >> >> If this can be done, would you please share the details on how it's done? >> >> Thanks >> _______________________________________________ >> freebsd-jail@freebsd.org mailing list >> https://urldefense.proofpoint.com/v1/url?u=http://lists.freebsd.org/mailman/listinfo/freebsd-jail&k=%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0A&r=LTzUWWrRnz2iN3PtHDubWRSAh9itVJ%2BMUcNBCQ4tyeo%3D%0A&m=C%2FNtPOiMS1MDnvEsxdWtLnuOvaAqSHCxjciQ4EbMTBs%3D%0A&s=8baced3c49e32d315284bbcd4172014b4b14c44893c7cf3458b8433afa3c2f1f >> To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org" >> >> > > Vimage doesn't yet support PF. IPFW works, however. >
Although one can successfully compile a kernel that has both the VIMAGE option and "device pf" enabled, I've never tried pf inside a vimage. Maybe someone with some good pf experience can give it a go. I know ipfw works all the way. And as we (Joe and I) explored already, a kernel with IPFILTER option (for ipf) will not work with VIMAGE (kernel panic at boot). -- Devin _____________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _______________________________________________ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
