From owner-freebsd-pf@FreeBSD.ORG Mon Jan 28 23:27:18 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDF4916A418 for ; Mon, 28 Jan 2008 23:27:18 +0000 (UTC) (envelope-from spomerg@cwu.EDU) Received: from donald.cts.cwu.edu (donald.cts.cwu.edu [198.104.67.147]) by mx1.freebsd.org (Postfix) with ESMTP id D1EC513C4CE for ; Mon, 28 Jan 2008 23:27:18 +0000 (UTC) (envelope-from spomerg@cwu.EDU) Received: from CONVERSION-CWU-DAEMON.DONALD.CTS.CWU.EDU by DONALD.CTS.CWU.EDU (PMDF V6.3-x13 #31358) id <01MQMQO8U0CW0009W9@DONALD.CTS.CWU.EDU> for freebsd-pf@freebsd.org; Mon, 28 Jan 2008 15:27:18 -0800 (PST) Received: from hermes.cwu.edu (hermes.cwu.edu [172.16.21.28]) by DONALD.CTS.CWU.EDU (PMDF V6.3-x13 #31358) with ESMTP id <01MQMQO88TMI000C48@DONALD.CTS.CWU.EDU> for freebsd-pf@freebsd.org; Mon, 28 Jan 2008 15:27:17 -0800 (PST) Received: from cwugate1-MTA by hermes.cwu.edu with Novell_GroupWise; Mon, 28 Jan 2008 15:27:17 -0800 Date: Mon, 28 Jan 2008 15:27:04 -0800 From: Gavin Spomer To: freebsd-pf@freebsd.org Message-id: <479DF4480200009000013240@hermes.cwu.edu> MIME-version: 1.0 X-Mailer: Novell GroupWise Internet Agent 7.0.2 HP Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: quoted-printable Content-disposition: inline Subject: Re: How does /dev/pf get created? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jan 2008 23:27:19 -0000 Well, after a recommendation from our university network engineer, Chris, = who is a FreeBSD expert, I decided to look into the whole devfs thing. = Although it was new to me, a couple of quick glances at man pages and = experiments produced a /dev/pf for me. Now I have a firewall! :D Seems = very strange to me that I had to do this to make it work, however. Can = anyone tell me what the permissions/ownerships for thier /dev/pf is? I = want to make sure that mine is kosher, even though my pf is already = working. Thanks to all who helped me on this problem, not to mention those who's = mailboxes filled up with this thread! ;) Now I'm having fun dinking around with the pf.conf. One thing I really dig = so far about pf versus the firewall I use on my SuSE machines (iptables), = is that I don't have to reboot for changes to take effect. Way happy about = that! :) - Gavin >>> Gavin Spomer 01/25/08 3:30 PM >>> >>> Jeremy Chadwick 01/25/08 2:39 PM >>> > link_elf: symbol altq_remove undefined > link_elf: symbol altq_remove undefined > link_elf: symbol altq_remove undefined > link_elf: symbol altq_remove undefined > link_elf: symbol altq_remove undefined > link_elf: symbol altq_remove undefined And, very likely, here is the cause of your pf problem. :-) Please go back to what I said about your kernel configuration -- you're missing a lot of "option" arguments for ALTQ support. Add all of the ones I gave you, follow the instructions for buildkernel/installkernel, and it should all begin working. The ALTQ options are still in my kernel; I never removed them since you = recommended I put them in and I rebuilt my kernel. I went ahead and did the buildkernel/installkernel again, = checking to see if the ALTQ stuff was in there before. This time I tried adding the "device pf" stuff back in. Still the same = story. Maybe I'm rebuilding my kernel wrong? Doesn't seem likely. How hard is it to screw up the following? 1. vi /usr/src/sys/i386/conf/MACHINEHOSTNAME (edit accordingly) 2. cd /usr/src 3. make buildkernel KERNCONF=3DMACHINEHOSTNAME 4. make installkernel KERNCONF=3DMACHINEHOSTNAME 5. shutdown -r now Well, the weekend is upon us. We can continue this on Monday, if you're = still willing. Thanks for the extra effort. - Gavin _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"