Subject: Re: new ipf rules "not supported by device"?
To: Dan Harrison <macman20001@mac.com>
From: Mirko Thiesen <thiesi@ReLink.NetWorkXXIII.Sytes.NET>
List: netbsd-help
Date: 02/07/2004 04:47:56
On Fri, 6 Feb 2004, Dan Harrison wrote:
>
> >ipf has not been "enabled" -- read /etc/rc.d/ipf and see what it does.
>
> That file doesn't exist, but there's an ipfs, which seemd to do
> something with ipf. Should I make a configuration for it, and if so,
I think Alan meant /etc/rc.d/ipfilter, not /etc/rc.d/ipf.
> how? Should I copy the name,rc_var,start_command,stop_comand format,
> or do something else?
In order to use ipf you should set "ipfilter=YES" in rc.conf. If you also
use ipnat it's sufficent to set "ipnat=YES" because ipnat relies on ipf
and thus triggers ipf's activation automatically.
Bye, K&K,
T-Zee
--
thiesi@NetWork23.Sytes.NET ---- NetBSD: Power to the people!
Tel.: ++49-(0)171-416 05 09 -- Fax: ++49-(0)171-134 16 05 09
Mirko Thiesen, P.O. Box 26 03 54, D-13413 Berlin, W. Germany
"We're with you all the way, mostly"