Barney Wolff wrote: > Sure, invoking ipfw directly works fine when ipfw's compiled into the kernel, > as does dotting /etc/rc.firewall. But /etc/rc.d/ipfw is what's run at > boot time, and that would seem, at least as I read it, to require that > ipfw be a module, not compiled in. no, it dosn't, kinda. if ! ${SYSCTL} net.inet.ip.fw.enable > /dev/null 2>&1; then if the sysctl item net.inet.ip.fw.enable does NOT exist, then try and load the module. otherwise, return 0 (all ok) if ! kldload ipfw; then warn unable to load firewall module. return 1 fi fi it is failing because the net.inet.ip.fw.enable sysctl was removed. the script needs to be updated to rely on one of the still existing sysctls. as of right now, with no edits, the script cannot complete succesfully unless ipfw is left as a module. No doubt this will be fixed shortly. -- Jonathan T. Sage Theatrical Lighting / Set Designer Professional Web Design "He said he likes me, but he's not in-like with me."- Connie, King of the Hill [HTTP://www.JTSage.com] [HTTP://design.JTSage.com] [sagejona_at_msu.edu] [See Headers for Contact Info]
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:07 UTC