Date: Tue, 15 Mar 2005 14:53:52 -0500 From: Andy Firman <andy@firman.us> To: freebsd-questions@freebsd.org Subject: Re: need help getting around kern/70401 so I can load ipl.ko (SOLVED) Message-ID: <20050315195351.GA69547@sockeye.firmanix.com> In-Reply-To: <20050314194504.GA52623@sockeye.firmanix.com> References: <20050314194504.GA52623@sockeye.firmanix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Mar 14, 2005 at 02:45:04PM -0500, Andy Firman wrote: > I have not been able to get ipfilter working on a system and > it is because I don't have INET6 in my custom kernel, and therefore > the system cannot load the ipl.ko module. Here is the issue: > > http://www.freebsd.org/cgi/query-pr.cgi?pr=70401 > Found a solution to my problem. One must add an entry to /etc/make.conf and then you can rebuild the module, load it, and get the firewall going with no reboot. Below is a summary of doing this with my TEST kernel having the INET6 option commented out. ------------------------------------------------------------------------- su-3.00# kldload -v ipl kldload: can't load ipl.ko: No such file or directory su-3.00# uname -a FreeBSD localhost 5.3-STABLE FreeBSD 5.3-STABLE #0: Mon Mar 14 16:08:45 EST 2005 andy@localhost:/usr/obj/usr/src/sys/TEST i386 must add NOINET6=YES to /etc/make.conf before you make the new module..... su-3.00# cd /usr/src/sys/modules/ipfilter/ su-3.00# make su-3.00# make install su-3.00# kldload -v ipl Nothing returned to therefore loaded properly...!!!!! su-3.00# kldstat Id Refs Address Size Name 1 6 0xc0400000 59f308 kernel 2 1 0xc15fb000 17000 linux.ko 3 1 0xc1670000 16000 ipl.ko su-3.00# ipfstat -in empty list for ipfilter(in) su-3.00# ipfstat -on empty list for ipfilter(out) su-3.00# ipf -Fa -f /etc/ipf.rules This locks up your session. Must login again and start new session..... Success upon new login in which the rules are working!!!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050315195351.GA69547>