Darren Reed wrote:
[ Charset ISO-8859-1 unsupported, converting... ]
Hello,
I am installing a FreeBSD 6.1 i386 machine and using IPF. When I
apply some variables to sysctl for IPF I end up with a device busy response.
the variables in question are:
net.inet.ipf.fr_tcpclosed=1
net.inet.ipf.fr_tcpclosewait=60
net.inet.ipf.fr_tcphalfclosed=300
net.inet.ipf.fr_tcpidletimeout=7200
net.inet.ipf.fr_tcplastack=20
net.inet.ipf.fr_tcptimeout=120
net.inet.ipf.fr_udptimeout=120
The problem occurs both on startup with these in sysctl.conf and if I
try do enter it manually:
imap# sysctl net.inet.ipf.fr_tcpclosed=1
net.inet.ipf.fr_tcpclosed: 120
sysctl: net.inet.ipf.fr_tcpclosed: Device busy
For these you have to disable ipf first:
ipf -D
Darren
Thank you, I guess I still have a question about kernel loaded modules
for this. In previous versions of FreeBSD 5.4 and such, I would see
"IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled"
during startup and then the sysctl settings would show being applied.
The same settings as I am now having trouble with. Has something changed
in way IPF 4.x handles being loaded by FreeBSD 6.1's kernel or is this a
FreeBSD issue entirely? How would I go about supplying these options in
this case? I am just using the base supplied version of IPF and the
suggested kernel/rc.conf options with these sysctls.
The kernel (GENERIC) compiled options of:
options IPFILTER #ipfilter support
options IPFILTER_LOG #ipfilter logging
options IPFILTER_LOOKUP #ipfilter pools
and rc.conf settings of:
ipfilter_enable="YES"
ipmon_enable="YES"
ipmon_flags="-Dsvn"
ipfs_enable="YES"
Thank you.
Peter
