Sean McNeil wrote: > On Mon, 2004-10-25 at 13:13, Andre Oppermann wrote: >>Conrad J. Sabatier wrote: >>>For a further bit of clarification (I know, should have done this the >>>first time): >>> >>>This problem is occurring with the following kernel options: >>> >>>options IPDIVERT >>>options IPFILTER >>>options IPFILTER_LOG >>> >>>The only workaround at this time is adding "options IPFIREWALL". >> >>Yes, that is correct. >> >>IPDIVERT is a module now and you can dynamically load it just like you >>can load ipfw (options IPFIREWALL). >> >>IPDIVERT depends on ipfw being loaded or compiled into the kernel. >> >>I have done the last step of IPDIVERT's transition into a KLD a few >>minutes ago. It will warn you now if you try to compile it into a >>kernel without IPFIREWALL as well. As a module it will simply complain >>that ipfw needs to be loaded first. > > > I build my kernel with > > options IPFIREWALL > options IPFIREWALL_FORWARD > options IPDIVERT > > Can I now use loadable modules as well? Will IPFIREWALL have the > forwarding option or would I still have to specify that? You can certainly use IPDIVERT as a loadable module. The FORWARD option to IPFIREWALL needs to be compiled into the module if you want to load it as a module. For modules options in the kernel configuration file are not automatically included. You have to edit sys/modules/ipfw/Makefile instead. Then you can load everything as module. If you start natd from rc.conf it will load ipdivert.ko automatically (if you have run mergemaster to update your rc scripts). -- AndreReceived on Mon Oct 25 2004 - 18:25:47 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:19 UTC