Date: Wed, 18 Aug 2004 23:50:18 -0600 From: Scott Long <scottl@samsco.org> To: John Birrell <jb@cimlogic.com.au>, Andre Oppermann <andre@FreeBSD.org> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/conf files options src/sys/modules/ipfwMakefile ip_divert.cip_input.c ip_output.c ... Message-ID: <41243F9A.8080300@samsco.org> In-Reply-To: <20040819030854.GM99521@freebsd3.cimlogic.com.au> References: <200408172205.i7HM5sDs087606@repoman.freebsd.org> <20040819030854.GM99521@freebsd3.cimlogic.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
John Birrell wrote: > On Tue, Aug 17, 2004 at 10:05:54PM +0000, Andre Oppermann wrote: > >>andre 2004-08-17 22:05:54 UTC >> >> FreeBSD src repository >> >> Modified files: >> sys/conf files options >> sys/modules/ipfw Makefile >> sys/net bridge.c >> sys/netgraph ng_bridge.c >> sys/netinet ip_divert.c ip_dummynet.c ip_dummynet.h >> ip_fastfwd.c ip_fw.h ip_fw2.c ip_input.c >> ip_output.c ip_var.h raw_ip.c tcp_input.c >> tcp_sack.c >> sys/sys mbuf.h >> Added files: >> sys/netinet ip_fw_pfil.c > > > A kernel config file which includes IPFIREWALL, but not PFIL_HOOKS will > not link (for obvious reasons). > > Also, the script /etc/rc.d/ipfw tests the 'enable' sysctl which is removed > by this commit. The result is that if a kernel is booted with ipfw built > in, the /etc/rc.d/ipfw script tries to load the ipfw module. The module > load fails (for obvious reasons), causing the ipfw initialisation to fail > leaving the firewall in the deny-everything mode regardless of what is > configured in /etc/rc.conf. > > This is an issue for 5.3. [ I assume re@ are reading this list ] > Indeed we are. Andre, can you comment here please? Scott
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41243F9A.8080300>