I have several FreeBSD machines acting as firewalls, all running IPF (v 3 and 4). In the past, I would install FreeBSD off the most recent CD from FreeBSD Mall, lock down the system, and run with it. Worked fine. But alas, in my infinite wisdom, I needed to find out how to use cvsup so that I could keep my systems up to date.
I created a test server running FreeBSD 6.1 and ipfilter 4.1.11 compiled into the kernel. Again, an install off the 6.1 CD. Then I played with cvsup and refreshed the source tree. I dutifully recompiled and installed the kernel. No problems noted. Then I rebooted. The system rebooted and came up but I couldn't contact it with ssh. So I made way to the server and noticed ipfilter's ruleset was empty. Of course, my default stance for the firewall is BLOCKALL, so that answers why I couldn't get to the server. I did an ipf -V and was told that ipfilter was runnning but that I had a user/kernel version mismatch. The user binaries are 4.1.11 and the kernel binaries are 4.1.13. I've poked around on this list, Google Groups, and Google but I can't seem to find (or I'm missing) the instructions for fixing this problem. So, short of blowing away the test server and starting all over again, can someone direct me resources that can tell me how to fix this problem? TIA. -jwb --------------------- Jim Beers CIT Moravian College
