Re: ipfilter on 1.1-CURRENT

From: Janet Sullivan <ciscogeek@xxxxxxxx>
Date: Thu, 24 Feb 2005 15:00:29 -0800

Perhaps some kind committer could look at revision of ipfilter at http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/ipfilter and bring it into DragonFly? It does solve the already initialized messages.

Well, not everything is rosy with IPF, even with the new rc.d script. IPF compiled into the kernel works, but loading it as a module fails using either version of the rc.d script. Using the version of the ipfilter rc.d script from FreeBSD, I get the following:

/etc/rc: ERROR: ipfilter module is not loaded
link_elf: symbol in6_cksum undefined
can't load ipl
Exec format error
/etc/rc: ERROR: IP-filter module failed to load.

However, I'm not comfortable messing with this much more. The machine is in Texas, I'm in Seattle, and I have no remote console access to it. If I screw up the firewall and lock myself out, that would really suck. ;-)

The ipfilter rc.d script does solve some of the error messages I was seeing earlier however, so its probably still worth looking at.

Sorry for all the babble.


