From owner-freebsd-questions@FreeBSD.ORG Fri May 29 18:39:06 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 75336106567E for ; Fri, 29 May 2009 18:39:06 +0000 (UTC) (envelope-from scs@EECS.Berkeley.EDU) Received: from gateway0.EECS.Berkeley.EDU (gateway0.EECS.Berkeley.EDU [169.229.60.87]) by mx1.freebsd.org (Postfix) with ESMTP id 440E68FC1D for ; Fri, 29 May 2009 18:39:06 +0000 (UTC) (envelope-from scs@EECS.Berkeley.EDU) Received: from [10.10.1.71] (66.236.51.34.ptr.us.xo.net [66.236.51.34]) (authenticated bits=0) by gateway0.EECS.Berkeley.EDU (8.14.3/8.13.5) with ESMTP id n4TIcxaJ017604 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for ; Fri, 29 May 2009 11:39:05 -0700 (PDT) Message-Id: From: Steven Schlansker To: freebsd-questions@freebsd.org In-Reply-To: <200905292001.02072.mel.flynn+fbsd.questions@mailing.thruhere.net> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Fri, 29 May 2009 11:38:54 -0700 References: <89C182FE-81B9-474E-84EA-FBB6F68C4E75@eecs.berkeley.edu> <200905292001.02072.mel.flynn+fbsd.questions@mailing.thruhere.net> X-Mailer: Apple Mail (2.935.3) Subject: Re: pfsync in GENERIC? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 18:39:06 -0000 On May 29, 2009, at 11:01 AM, Mel Flynn wrote: > On Friday 29 May 2009 18:19:52 Steven Schlansker wrote: > >> [steven@gateway2:~]% sudo /etc/rc.d/pfsync start >> /etc/rc.d/pfsync: WARNING: pfsync(4) must be statically compiled in >> the kernel. > >> Is pfsync not in GENERIC? I checked the amd64 config file and indeed >> it does not show up, however pf and pflog are not there either but >> are >> usable in the base system, so I am not positive that pfsync being >> missing is therefore conclusive. >> >> I would like to if at all possible use GENERIC so that I can take >> advantage of freebsd-update etc. Is there some way to get this all >> running without recompiling the kernel? > > No, the error message is clear. pfsync cannot currently be loaded as > kernel > module and it's not in GENERIC. The same goes for altq. See sys/conf/ > NOTES for > details. Ah, now I get it. I'm used to the Linux way of configuring modules where if a device is a module, it still appears in the configuration file. So I was interpreting the missing "pf" and "pflog" entries not as "built as a module" but as "missing, why can I still use them?" And not to be argumentative, but sys/conf/NOTES does not really provide any information. The only comment explains what the device does, not why it wouldn't be enabled in GENERIC. Is there any reason it could not be? (For those of us who want to use freebsd-update, for example) By digging around on the internet it seems that the problem arises from the use of multicast protocols (ref: http://lists.freebsd.org/pipermail/freebsd-pf/2005-October/001521.html) . pfsync allows the use of unicast as well - would it be feasible to have a modular version that only supports unicast (via syncpeer) perhaps? There's not been much of a discussion about this since 2005, it seems. I'm curious as to that the prevailing opinion is. > > FYI: On -current it's still not possible to load as a module.