Date: Wed, 21 Aug 2002 20:11:36 +0400 From: "Sergey Mokryshev" <mokr@mokr.net> To: <cjclark@alum.mit.edu> Cc: "Radko Keves" <rado@studnet.sk>, <questions@FreeBSD.ORG>, <current@FreeBSD.ORG> Subject: Re: question about ipl.ko Message-ID: <0ab501c2492d$bc90fe10$0f0010ac@office.tersys.ru> References: <20020816130147.GA39907@studnet.sk> <20020816193854.GC47465@blossom.cjclark.org> <062201c2475f$9f19ab40$0f0010ac@office.tersys.ru> <20020820181519.GA69240@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Crist! You wrote to "Sergey Mokryshev" <mokr@mokr.net> on Tue, 20 Aug 2002 11:15:20 -0700: [skipped] >> $ grep PFIL /usr/src/sys/i386/conf/AMBER options >> PFIL_HOOKS >> You need to include "options PFIL_HOOKS" in your kernel >> configuration to be able to use ipfilter as a loadable module. CJC> But what's the point? PFIL_HOOKS only used by IPFilter. If you CJC> are going to be recompiling a kernel, you might just as well CJC> compile in "options IPFILTER" and be done with it. PFIL hooks is a generic kernel interface and can be used by other programs that work with network. Another point - you can upgrade ipfilter stuff without rebooting, it is useful in situations where minimum downtime is possible. PFIL_HOOKS does not add much functionality to the kernel and I always turn this on on every box. Sergey Mokryshev. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0ab501c2492d$bc90fe10$0f0010ac>