Date: Tue, 18 Apr 2006 12:28:58 +0300 (EEST) From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> To: Tod McQuillin <devin@spamcop.net> Cc: freebsd-security@freebsd.org, freeBSD List <freebsd-questions@freebsd.org>, Noah Silverman <noah@allresearch.com> Subject: Re: IPFW Problems? Message-ID: <20060418120032.P36630@atlantis.atlantis.dp.ua> In-Reply-To: <20060418112439.O8203@plexi.pun-pun.prv> References: <71010EE4-5C3E-48D9-8634-3605CE86F8C5@allresearch.com> <3BE1F863-F59D-49EC-A9D4-AEF6D89C5ABD@mac.com> <20060418112439.O8203@plexi.pun-pun.prv>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! On Tue, 18 Apr 2006, Tod McQuillin wrote: >> Add: >> >> options IPFW2 >> >> ...to your kernel config file and rebuild the kernel (and world also, >> probably). > > Yes, you need to rebuild the userland too, which means you also need > IPFW2=true in /etc/make.conf before you build world. It's absolutely necessary, after installation of the new kernel with 'options IPFW2', to add 'IPFW2=true' in /etc/make.conf and rebuild+reinstall _at least_ /sbin/ipfw, then /usr/lib/libalias.* and /sbin/natd (which depends on libalias), e.g. cd /usr/src/sbin/ipfw make obj && make depend all install cd /usr/src/lib/libalias make obj && make depend all install cd /usr/src/sbin/natd make obj && make depend all install (note that natd doesn't depend on IPFW2, but links against libalias which does, so sequence libalias -> natd is critical). I haven't found other parts of base OS in RELENG_4 which depend on IPFW2, though I can miss something. Also every custom utility which utilizes <netinet/ip_fw.h> must also be recompiled with IPFW2 defined and rebuilt (and those using libalias must be rebuilt). Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060418120032.P36630>