npf attempts to auto load bpfjit, if it receives an error (such as
'permission denied because securelevel=1'), it will report that bpfjit
is not loaded and this is a performance problem, even if bpfjit is
already loaded.
in -8 it will no longer do this.
On Mon, 27 Mar 2017, at 17:22, atomicules wrote:
> >npfctl: error loading the bpfjit module; performance will be degraded:
> >Operation not permitted
> >npfctl: To disable this warning `set bpf.jit off' in /etc/npf.conf
>
> I think that's a XEN issue. I've been playing about with npf and
>
npfctl: error loading the bpfjit module; performance will be degraded:
Operation not permitted
npfctl: To disable this warning `set bpf.jit off' in /etc/npf.conf
I think that's a XEN issue. I've been playing about with npf and
building kernels and I cannot get bpfjit to work on XEN even though
I have been testing blacklistd today. It works nicely, but one thing I
don't understand is whether or not the bpfjit module is needed.
I have securelevel=1 in rc.conf. To load the module early, before
securelevel gets raised, I added bpfjit to /etc/modules.conf, and then
"set bpf.jit on;" in