On Wednesday 08 December 2004 03:57, Kris Kennaway wrote: > On Tue, Dec 07, 2004 at 06:47:07PM -0800, whitevamp wrote: > > not sure if this is the right place to post this .. > > i am currently trying to buld a custom kern ( this in an upgrade from 4.9 > > to 5.3 ) and every time i goto build the kern i get an error saying > > something is an unknowen option and now im getting this one and i got > > this out of src/UPDATING option PFIL_HOOKS ( note that the kern make has > > complained about ,10 options so far that i have placed in the kern file ) > > > > so what would be causeing this error ? a bad cvs up ? or ? i did a cvs up > > to relang 5_3 > > Bad kernel config; if you compare to GENERIC or NOTES (or read > UPDATING) you'll see that the PFIL_HOOKS option was removed. It's > best to stick to GENERIC unless you know what you're doing.
This gets me wondering, might the attached diff be helpful? Is there any rule to (not) remove outdated/expired entries? I know we tell people to really *READ* UPDATING and I really, really suggest that to everybody. But we can still make it easier - right? Are there similar instances? RANDOM_IP_ID does only have the "was removed" note, AFAIR. -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News
Index: UPDATING
===================================================================
RCS file: /usr/store/mlaier/fcvs/src/UPDATING,v
retrieving revision 1.379
diff -u -r1.379 UPDATING
--- UPDATING 16 Nov 2004 21:18:41 -0000 1.379
+++ UPDATING 8 Dec 2004 03:04:32 -0000
@@ -198,9 +198,7 @@
IPFW has been converted to use PFIL_HOOKS. This change is
transparent to userland and preserves the ipfw ABI. The ipfw
core packet inspection and filtering functions have not been
- changed, only how ipfw is invoked is different. Note that
- "option PFIL_HOOKS" is required to use IPFIREWALL compiled
- into the kernel or as KLD.
+ changed, only how ipfw is invoked is different.
20040814:
The RANDOM_IP_ID option has been replaced by the sysctl
@@ -423,8 +421,7 @@
sure to run mergemaster -p before installworld to create required
user account ("proxy"). If you do not want to build pf with your
system you can use the NO_PF knob in make.conf.
- Also note that pf requires "options PFIL_HOOKS" in the kernel. The
- pf system consists of the following three devices:
+ The pf system consists of the following three devices:
device pf # required
device pflog # optional
device pfsync # optional
@@ -580,13 +577,6 @@
kiconv(3) has been added. mount_msdosfs(8), mount_ntfs(8) and
mount_cd9660(8) need to be in sync with kernel.
-20030925:
- Configuring a system to use IPFILTER now requires that PFIL_HOOKS
- also be explicitly configured. Previously this dependency was
- magically handled through some cruft in net/pfil.h; but that has
- been removed. Building a kernel with IPFILTER but not PFIL_HOOKS
- will fail with obtuse errors in ip_fil.c.
-
20030923:
Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
pgpwKcunFCovC.pgp
Description: PGP signature
