Hi All, * Mindaugas Rasiukevicius (rm...@netbsd.org) wrote: > As those of you tracking source changes may have already noticed, there > have been various improvements to NPF over the last few months (e.g. support > for dynamic NPF rules). Very great to have listened this. I have posted an npf question in this list since Jan 2013. But there has been no reply.
> Additionally, I created a web page for NPF documentation: > > http://www.netbsd.org/~rmind/npf/ Sorry, it seems that the doc is still not updated as in npf.conf(5) regarding interfaces. $ext_if = "wm0" should be changed to $ext_if = inet4(wm0) or inet6 > NetBSD 6.1 has recently entered Release Candidate > stage, therefore wider testing would be more than welcome! Here's my minimal /etc/npf.conf. # cat /etc/npf.conf $ext_if = inet4(pcn0) procedure "log" { log: npflog0 } procedure "norm" { normalise: "random-id" } group (name "external", interface $ext_if) { pass all } group (default) { pass final on lo0 all block all } This configuration results in an error. # npfctl reload /etc/npf.conf:5:1: invalid parameter 'npflog0' near '}' So I suspected that npflog might be not ready. I tried commenting out three lines of procedure "log". Then again... # npfctl reload npfctl: ioctl: Invalid argument In order to totally eliminate all errors, I must comment out ALL procedures. Is this a bug or mis-configuration? It did not happen when I first checkout to netbsd-6-0-RELEASE. It has been happening since I made it STABLE. # uname -a NetBSD netbsd.localdomain 6.1_RC1 NetBSD 6.1_RC1 (GENERIC) #5: Fri Mar 8 17:34:39 ICT 2013 root@netbsd.localdomain:/usr/obj/sys/arch/i386/compile/GENERIC i386 Thanks in advance, -- Pongthep Kulkrisada "UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity." -- Dennis M. Ritchie
