From owner-freebsd-net@FreeBSD.ORG Wed Jan 21 07:20:33 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E642A16A4CE for ; Wed, 21 Jan 2004 07:20:33 -0800 (PST) Received: from redqueen.elvandar.org (cust.94.120.adsl.cistron.nl [195.64.94.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 122E143D1F for ; Wed, 21 Jan 2004 07:20:30 -0800 (PST) (envelope-from remko@elvandar.org) From: "Remko Lodder" To: "Freebsd-Net@Freebsd. Org" Date: Wed, 21 Jan 2004 16:20:55 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) Importance: Normal In-Reply-To: <20040121151040.E924916@mail.elvandar.org> X-Virus-Scanned: by amavisd-new at elvandar.org Message-Id: <20040121152028.275D52B4D82@redqueen.elvandar.org> Subject: RE: [Freebsd-net] PF installation on 5.2-RELEASE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jan 2004 15:20:34 -0000 from pkg-message which lives in /usr/ports/security/pf/ To use pf, please follow these steps: 1. Add kernel options into your kernel config file and recompile kernel: device bpf options PFIL_HOOKS options RANDOM_IP_ID 2. Please set the following variables in /etc/rc.conf according to your needs: pf_enable="Yes" pf_logd="Yes" pf_conf="%%PREFIX%%/etc/pf.conf" 3. Check %%PREFIX%%/etc/rc.d/pf.sh, it is the startup script for pf! --> Makefile snippet .if !defined(WITH_ALTQ) || (${WITH_ALTQ} != "yes") pre-fetch: @${ECHO_MSG} "=======================================================" @${ECHO_MSG} "* If you have ALTQ support from: *" @${ECHO_MSG} "* http://www.nipsi.de/altq/index.html or *" @${ECHO_MSG} "* http://www.rofug.ro/projects/freebsd-altq/ *" @${ECHO_MSG} "* You can define WITH_ALTQ=yes to make use of it *" @${ECHO_MSG} "* Please define SYS_ALTQ to point to the patched src *" @${ECHO_MSG} "* *" @${ECHO_MSG} "* e.g.: make WITH_ALTQ=yes SYS_ALTQ=/usr/src/sys.altq *" @${ECHO_MSG} "* *" @${ECHO_MSG} "=======================================================" @sleep 2 .endif /snip Does that fill in the blanks? Cheers -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: freebsd-net-bounces@lists.elvandar.org [mailto:freebsd-net-bounces@lists.elvandar.org]Namens Art Mason Verzonden: woensdag 21 januari 2004 16:13 Aan: freebsd-net@freebsd.org Onderwerp: [Freebsd-net] PF installation on 5.2-RELEASE Hello, My sincerest apologies if this isn't the correct list to post this question to, but I was wondering if anyone has any guidelines/procedures to follow regarding the correct installation method for PF on FreeBSD 5.2-RELEASE. I know of its existence in ports/security, but was wondering if there are any additional kernel compilation options or sysctl variables required to get it, along w/ ALTQ, up and running properly on a fresh install. Many thanks in advance, -- Art Mason Rackspace Managed Hosting amason@rackspace.com _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" _______________________________________________ Freebsd-net mailing list Freebsd-net@lists.elvandar.org http://lists.elvandar.org/mailman/listinfo/freebsd-net