In article <20130313142533.ga...@gmail.com>, Pongthep Kulkrisada <ptkris...@gmail.com> wrote: >Hi All, > >* Mindaugas Rasiukevicius (rm...@netbsd.org) wrote: >> As those of you tracking source changes may have already noticed, there >> have been various improvements to NPF over the last few months (e.g. support >> for dynamic NPF rules). >Very great to have listened this. >I have posted an npf question in this list since Jan 2013. >But there has been no reply. > >> Additionally, I created a web page for NPF documentation: >> >> http://www.netbsd.org/~rmind/npf/ >Sorry, it seems that the doc is still not updated as in npf.conf(5) >regarding interfaces. > >$ext_if = "wm0" >should be changed to >$ext_if = inet4(wm0) >or inet6 > >> NetBSD 6.1 has recently entered Release Candidate >> stage, therefore wider testing would be more than welcome! >Here's my minimal /etc/npf.conf. > ># cat /etc/npf.conf >$ext_if = inet4(pcn0) > >procedure "log" { > log: npflog0 >} > >procedure "norm" { > normalise: "random-id" >} > >group (name "external", interface $ext_if) { > pass all >} > >group (default) { > pass final on lo0 all > block all >} > >This configuration results in an error. > ># npfctl reload >/etc/npf.conf:5:1: invalid parameter 'npflog0' near '}'
This happens if the module is not loaded and the interface has not been created. I have fixed all these issues on head. christos
