Hello, as you may have seen pf is now linked to the build and can be installed from the base system. Make sure to run `mergemaster -p' before the installworld as it requires two additional user accounts/groups. If you do not want to build/install pf you can use the NO_PF knob in /etc/make.conf For the moment you will have troubles with pflog and tcpdump as we are waiting for a vendor branch update of tcpdump/libpcap. To build a kernel that supports pf you have to add at least: options PFIL_HOOKS device pf to the GENERIC kernel configuration. Optional you can use: device pflog device pfsync to build-in logging and syncing. Note that it is currently not possible to pull in these in as a module right now. However it is possible to use pf as a module. To do this you must add the following to GENERIC: options PFIL_HOOKS options RANDOM_IP_ID already existing in GENERIC, but also required by pf as a module: options INET options INET6 device bpf These requirements can be tweaked by editing the modules/pf* Makefiles. I hope you have fun with pf and can make good use of it. Report problems, errors and questions to me or the pf-mailing-list pf4freebsd_at_freelists.org (see http://pf4freebsd.love2party.net/ for details) I'd try to avoid flooding -net or -current with pf related questions. There might be a freebsd-pf mailing-list some time soon. -- Best regards, | mlaier_at_freebsd.org Max Laier | ICQ #67774661 http://pf4freebsd.love2party.net/ | mlaier_at_EFnet
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:46 UTC