Re: problem on pf @ freebsd 7.0
forgot to cc'ed to freebsd-questions@freebsd.org On Wed, May 14, 2008 at 4:40 PM, CyberSans AirBort [EMAIL PROTECTED] wrote: kldstat only shows: Id Refs AddressSize Name 17 0xc040 910b90 kernel 21 0xc0d11000 6a32cacpi.ko 31 0xc6c4f000 22000linux.ko yes, i already put: pf_load=YES pflog_load=YES pfsync_load=YES inside /boot/loader.conf and my previous message, i already compile the kernel with pf and put appropriate line inside /etc/rc.conf and the pf still do not loading when freebsd 7.0 boot up. thank you On Wed, May 14, 2008 at 2:28 PM, Doug Hardie [EMAIL PROTECTED] wrote: On May 13, 2008, at 18:24, CyberSans AirBort wrote: hello there. sorry if this similar question been asked before in this forum. my problem is, i install freebsd 7.0 and after that compile the kernel to enable pf (using the same method like freebsd's handbook said): device pf device pflog device pfsync options ALTQ options ALTQ_CBQ options ALTQ_RED options ALTQ_RIO options ALTQ_HFSC options ALTQ_CDNR options ALTQ_PRIQ options ALTQ_NOPCC and i put everything inside /etc/rc.conf pf_enable=YES pf_rules=/etc/pf.conf pf_flags= pflog_enable=YES pflog_logfile=/var/log/pflog pflog_flags= and guess what? pf is not loading when startup. i have to manually restarted the pf using /etc/rc.d/pf restart is that a bug? i never have this kind of problem when using version 5.* or 6.* Did you load the kernel extensions: pflog and pf? Use kldstat and make sure both of them appear. I had to add pflog_load=YES to /boot/loader.conf to get it to work properly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem on pf @ freebsd 7.0
oh yes. i did type exactly like that. and still pf didn't load on startup even though it has /etc/rc.d/pf and like i said before, i have to re-load the pf by using /etc/rc.d/pf restart btw, what kind of freebsd's distro that you used without having problem on this pf? 7.0? On Wed, May 14, 2008 at 4:59 PM, Doug Hardie [EMAIL PROTECTED] wrote: On May 14, 2008, at 01:40, CyberSans AirBort wrote: kldstat only shows: Id Refs AddressSize Name 17 0xc040 910b90 kernel 21 0xc0d11000 6a32cacpi.ko 31 0xc6c4f000 22000linux.ko yes, i already put: pf_load=YES pflog_load=YES pfsync_load=YES inside /boot/loader.conf and my previous message, i already compile the kernel with pf and put appropriate line inside /etc/rc.conf and the pf still do not loading when freebsd 7.0 boot up. thank you On Wed, May 14, 2008 at 2:28 PM, Doug Hardie [EMAIL PROTECTED] wrote: On May 13, 2008, at 18:24, CyberSans AirBort wrote: hello there. sorry if this similar question been asked before in this forum. my problem is, i install freebsd 7.0 and after that compile the kernel to enable pf (using the same method like freebsd's handbook said): device pf device pflog device pfsync options ALTQ options ALTQ_CBQ options ALTQ_RED options ALTQ_RIO options ALTQ_HFSC options ALTQ_CDNR options ALTQ_PRIQ options ALTQ_NOPCC and i put everything inside /etc/rc.conf pf_enable=YES pf_rules=/etc/pf.conf pf_flags= pflog_enable=YES pflog_logfile=/var/log/pflog pflog_flags= and guess what? pf is not loading when startup. i have to manually restarted the pf using /etc/rc.d/pf restart is that a bug? i never have this kind of problem when using version 5.* or 6.* Did you load the kernel extensions: pflog and pf? Use kldstat and make sure both of them appear. I had to add pflog_load=YES to /boot/loader.conf to get it to work properly. pf should be loaded by /etc/rc.d/pf. pflog has to be loaded by you. Easiest is in /boot/loader.conf as described above. Check the typing very carefully for the pf commands. Mine are: pf_enable=YES # Enable PF (load module if required) pf_rules=/etc/pf.conf # rules definition file for pf pf_flags= # additional flags for pfctl startup ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem on pf @ freebsd 7.0
On Wed, 14 May 2008 09:24:52 +0800 CyberSans AirBort [EMAIL PROTECTED] wrote: and guess what? pf is not loading when startup. i have to manually restarted the pf using /etc/rc.d/pf restart What exactly do you mean by not loading? Do you mean not working? Are there any pf related error messages in /var/log/messages. In some case pf does need a /etc/rc.d/pf resync (or restart) done at a later stage. e.g if pf.conf uses hostnames that can't be resolved at that stage of the boot. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem on pf @ freebsd 7.0
Take a look in /etc/defaults/rc.conf The bits for PF are already there. All you should need is to set pf_enable=YES A quick guess would be that that /etc/defaults/rc.conf is loaded after /etc/rc.conf, and pf_enable is reset to NO, but that is just a guess. Here is my pf section from /etc/defaults/rc.conf that brings pf up on boot: snip pf_enable=YES # Set to YES to enable packet filter (pf) pf_rules=/etc/pf.conf # rules definition file for pf pf_program=/sbin/pfctl# where the pfctl program lives pf_flags= # additional flags for pfctl pflog_enable=YES # Set to YES to enable packet filter logging pflog_logfile=/var/log/pflog # where pflogd should store the logfile pflog_program=/sbin/pflogd# where the pflogd program lives pflog_flags= # additional flags for pflogd snip On Wed, May 14, 2008 at 5:24 AM, RW [EMAIL PROTECTED] wrote: On Wed, 14 May 2008 09:24:52 +0800 CyberSans AirBort [EMAIL PROTECTED] wrote: and guess what? pf is not loading when startup. i have to manually restarted the pf using /etc/rc.d/pf restart What exactly do you mean by not loading? Do you mean not working? Are there any pf related error messages in /var/log/messages. In some case pf does need a /etc/rc.d/pf resync (or restart) done at a later stage. e.g if pf.conf uses hostnames that can't be resolved at that stage of the boot. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem on pf @ freebsd 7.0
On Wed, 14 May 2008 11:07:03 -0700 xSAPPYx [EMAIL PROTECTED] wrote: Take a look in /etc/defaults/rc.conf The bits for PF are already there. All you should need is to set pf_enable=YES A quick guess would be that that /etc/defaults/rc.conf is loaded after /etc/rc.conf, and pf_enable is reset to NO, but that is just a guess. You aren't intended to modify /etc/defaults/rc.conf, so there wouldn't be much point in its loading after /etc/rc.conf. And since pf restart works, pf_enable must be set to YES. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem on pf @ freebsd 7.0
hello there. i think this conversation can be closed right now. when i try to look at dmesg output: Starting pflog. May 14 16:09:53 pflogd[471]: [priv]: msg PRIV_OPEN_LOG received Enabling pf. no IP address found for securehost.xxx.xx /etc/pf.conf:9: could not parse host specification pfctl: Syntax error in config file: pf rules not loaded which securehost.xxx.xx cannot be resolved while booting because no dns server was contacted. when i remove the hosts from pf.conf then pf is loaded when booting. thank you for now On Wed, May 14, 2008 at 5:30 PM, CyberSans AirBort [EMAIL PROTECTED] wrote: oh yes. i did type exactly like that. and still pf didn't load on startup even though it has /etc/rc.d/pf and like i said before, i have to re-load the pf by using /etc/rc.d/pf restart btw, what kind of freebsd's distro that you used without having problem on this pf? 7.0? On Wed, May 14, 2008 at 4:59 PM, Doug Hardie [EMAIL PROTECTED] wrote: On May 14, 2008, at 01:40, CyberSans AirBort wrote: kldstat only shows: Id Refs AddressSize Name 17 0xc040 910b90 kernel 21 0xc0d11000 6a32cacpi.ko 31 0xc6c4f000 22000linux.ko yes, i already put: pf_load=YES pflog_load=YES pfsync_load=YES inside /boot/loader.conf and my previous message, i already compile the kernel with pf and put appropriate line inside /etc/rc.conf and the pf still do not loading when freebsd 7.0 boot up. thank you On Wed, May 14, 2008 at 2:28 PM, Doug Hardie [EMAIL PROTECTED] wrote: On May 13, 2008, at 18:24, CyberSans AirBort wrote: hello there. sorry if this similar question been asked before in this forum. my problem is, i install freebsd 7.0 and after that compile the kernel to enable pf (using the same method like freebsd's handbook said): device pf device pflog device pfsync options ALTQ options ALTQ_CBQ options ALTQ_RED options ALTQ_RIO options ALTQ_HFSC options ALTQ_CDNR options ALTQ_PRIQ options ALTQ_NOPCC and i put everything inside /etc/rc.conf pf_enable=YES pf_rules=/etc/pf.conf pf_flags= pflog_enable=YES pflog_logfile=/var/log/pflog pflog_flags= and guess what? pf is not loading when startup. i have to manually restarted the pf using /etc/rc.d/pf restart is that a bug? i never have this kind of problem when using version 5.* or 6.* Did you load the kernel extensions: pflog and pf? Use kldstat and make sure both of them appear. I had to add pflog_load=YES to /boot/loader.conf to get it to work properly. pf should be loaded by /etc/rc.d/pf. pflog has to be loaded by you. Easiest is in /boot/loader.conf as described above. Check the typing very carefully for the pf commands. Mine are: pf_enable=YES # Enable PF (load module if required) pf_rules=/etc/pf.conf # rules definition file for pf pf_flags= # additional flags for pfctl startup ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
problem on pf @ freebsd 7.0
hello there. sorry if this similar question been asked before in this forum. my problem is, i install freebsd 7.0 and after that compile the kernel to enable pf (using the same method like freebsd's handbook said): device pf device pflog device pfsync options ALTQ options ALTQ_CBQ options ALTQ_RED options ALTQ_RIO options ALTQ_HFSC options ALTQ_CDNR options ALTQ_PRIQ options ALTQ_NOPCC and i put everything inside /etc/rc.conf pf_enable=YES pf_rules=/etc/pf.conf pf_flags= pflog_enable=YES pflog_logfile=/var/log/pflog pflog_flags= and guess what? pf is not loading when startup. i have to manually restarted the pf using /etc/rc.d/pf restart is that a bug? i never have this kind of problem when using version 5.* or 6.* ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
