Date: 18 Apr 2001 12:30:48 +0100 From: Wayne Pascoe <wayne.pascoe@realtime.co.uk> To: kit <kit@hypostasis.com> Cc: , freebsd-questions@FreeBSD.ORG Subject: Re: Modules + ipf Message-ID: <m1itk2jvh3.fsf@zaphod.realtime.co.uk> In-Reply-To: <20010418211621.A74460@amethyst.hypostasis.com> References: <m11yqqli6f.fsf@zaphod.realtime.co.uk> <20010418211621.A74460@amethyst.hypostasis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
kit <kit@hypostasis.com> writes: > On Wed, Apr 18, 2001 at 09:35:04AM +0100, Wayne Pascoe wrote: > > I've just read the ipf security bulletin on Bugtraq, and I now need to > > update ipf on all of my servers. > > > > I would appreciate any help with the following couple of questions: > > > > 1. How can I find out if ipf is currently running as a module, or as > > part of my kernel? I think that it is part of my kernel as I have the > > following lines in the bottom of my config : > > options IPFILTER > > options IPFILTER_LOG > > > kldstat > should list the modules loaded, > but you'd appear to have it compiled in anyway Yeah, I do... Grrr... How do I compile the ipf kernel module then instead of compiling it into the kernel? As I understand it, ipf needs a kernel module / compiled into the kernel as well as a userspace binary... Is this correct ? > > > 2. I understand that I have to recompile the kernel on all of my > > servers to make this a module, but I'd rather not do a whole make > > install process for ipfilter on each machine. Is there any way to > > build it on one machine, and then farm that out to all the > > machines ? > > > for each different kernel conf > make buildkernel KERNCONF=<KERNELCONFIGFILE> > on the building machine > make installkernel KERNCONF=<KERNELCONFIGFILE> Is there no way to just build a healthy kernel and copy that kernel to each machine ? That would be my preference... scp /kernel machine:/kernel.new Doable ? -- - Wayne Pascoe E-mail: wayne.pascoe@realtime.co.uk Phone : +44 (0) 20 7544 4668 Mobile: +44 (0) 788 431 1675 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m1itk2jvh3.fsf>