Re: 5.3 & ipfilter
On Tuesday 07 September 2004 07:30 pm, JJB wrote: > Thanks for your reply. But you did not answer my first question. I > did not ask if ipfilter_enable="YES" was still valid in 5.3, but if > the ipfilter bootable module is still included in 5.3 and auto > loaded by the ipfilter_enable="YES" in rc.conf? I don't know, actually... I don't use ipfilter myself. I probably wasn't the right person to try to answer your email :) > Since 5.3 is currently going through the weekly testing cycle as > prep for becoming stable I would think this is the appropriate time > to submit a 5.3 bug report to change the default kernel source so it > contains the PFIL_HOOKS. Yes, or ask on the current@ list whether this is a planned MFC (and if not, why not). But PFIL_HOOKS is included in GENERIC by default, so I'm not sure it's that big an issue - you'd have to specifically disable it. -David -- +++ Divide By Cucumber Error. Please Reinstall Universe And Reboot. +++ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: 5.3 & ipfilter
[EMAIL PROTECTED] wrote: > On Tuesday 07 September 2004 05:03 pm, fbsd_user wrote: >> Is there still a loadable module that gets auto loaded at boot time >> when rc.conf contains the ipfilter_enable="YES" statement like in >> 4.10? > > ipfilter_enable is still an option in rc.conf. > >> Will the final stable version still need kernel option PFIL_HOOKS >> added to the other ipfilter kernel options to compile ipfilter into >> the kernel like in the 5.2 and 5.2.1 development versions or will >> 5.3 return to the way 4.10 worked (IE no PFIL_HOOKS option needed)? > > I'm not sure, but 5.3-BETA3 does require PFIL_HOOKS. The change made > to -CURRENT to always include PFIL_HOOKS (and thus remove it as a > kernel option) was made after RELENG_5 was branched, and the commit > log doesn't mention merging that change to RELENG_5. > > -David David Thanks for your reply. But you did not answer my first question. I did not ask if ipfilter_enable="YES" was still valid in 5.3, but if the ipfilter bootable module is still included in 5.3 and auto loaded by the ipfilter_enable="YES" in rc.conf? Since 5.3 is currently going through the weekly testing cycle as prep for becoming stable I would think this is the appropriate time to submit a 5.3 bug report to change the default kernel source so it contains the PFIL_HOOKS. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 5.3 & ipfilter
On Tuesday 07 September 2004 05:03 pm, fbsd_user wrote: > Is there still a loadable module that gets auto loaded at boot time > when rc.conf contains the ipfilter_enable="YES" statement like in > 4.10? ipfilter_enable is still an option in rc.conf. > Will the final stable version still need kernel option PFIL_HOOKS > added to the other ipfilter kernel options to compile ipfilter into > the kernel like in the 5.2 and 5.2.1 development versions or will > 5.3 return to the way 4.10 worked (IE no PFIL_HOOKS option needed)? I'm not sure, but 5.3-BETA3 does require PFIL_HOOKS. The change made to -CURRENT to always include PFIL_HOOKS (and thus remove it as a kernel option) was made after RELENG_5 was branched, and the commit log doesn't mention merging that change to RELENG_5. -David -- +++ Divide By Cucumber Error. Please Reinstall Universe And Reboot. +++ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
