In article <[EMAIL PROTECTED]> you write: >> I added the four commands above to /etc/rc.network instead of using >> FreeBSD's ipfilter support through rc.conf mechanism (it assumes that >> ipfilter is built into the kernel) > > There is a PR with a patch sitting on this rc.network fuckup > (oversight) that I'd really love to see committed for 4.3-RELEASE, > but who knows if that's possible with the given timeline. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=26275 > > I completely missed a previous PR on the same issue, but this one > has a patch that will work no matter where $ipfilter_program is set > to (hack), rather then hardcoding an ipfstat location. > > Patch also fixes it so that ipf.rules doesn't have to exist if your > just setting up a NAT. There's another issue that needs fixing: ipmon should be started before ipf. Arjan -- Arjan de Vet, Eindhoven, The Netherlands <[EMAIL PROTECTED]> URL: http://www.iae.nl/users/devet/ for PGP key: finger [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
