Here is my new rules file. I have tested it with the commented out lines
and with the comments removed. Tested on vimage/ipfilter kernel and
vimage only kernel. In all 4 combinations the "ipf" and "ipstat"
commands work. I can see the ipf firewall rules.
The problem is when issuing the ping
On Tue, Aug 16, 2016 at 09:05:28PM -0400, Ernie Luzar wrote:
> Bjoern A. Zeeb wrote:
> > On 16 Aug 2016, at 21:08, CyberLeo Kitsana wrote:
> >
> >> On 08/16/2016 03:21 PM, Ernie Luzar wrote:
> >>
> >>> Issuing "ipf -FS -Fa" command from within the vnet jail gives this
> >>> message, "open
Bjoern A. Zeeb wrote:
On 16 Aug 2016, at 21:08, CyberLeo Kitsana wrote:
On 08/16/2016 03:21 PM, Ernie Luzar wrote:
Issuing "ipf -FS -Fa" command from within the vnet jail gives this
message, "open device:no such file or directory. User kernel version
check failed.
According to ipf(8), the
Bjoern A. Zeeb wrote:
In 11-RC* it is present for all 3 firewalls; like VIMAGE due to memory
footprint you might have to compile the firewall into the kernel rather
than kldload it (especially ipfilter).
/bzvnet
The 11.0-RC1 host has vimage and ipfilter compiled into the kernel. Vnet
On 16 Aug 2016, at 12:47, krad wrote:
Is ipfilter supported in vnet jails? Last time I looked and tried pf
didn't work (kernel panics), and only ipfw was supported.
In 11-RC* it is present for all 3 firewalls; like VIMAGE due to memory
footprint you might have to compile the firewall into
On 15 Aug 2016, at 15:37, Ernie Luzar wrote:
Hello list;
Running 11.0-RC1 with only option vimage compiled into the generic kernel.
I can run ipfilter on the host and start vnet jails containing no
firewalls just fine. But when I try to also have ipfilter run in the
vnet jail nothing
Hello list;
Running 11.0-RC1 with only option vimage compiled into the generic kernel.
I can run ipfilter on the host and start vnet jails containing no
firewalls just fine. But when I try to also have ipfilter run in the
vnet jail nothing happens. I added this to the vnet jails rc.conf