NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Trying to start NPF



I think I fixed is:

/etc/rc.d/npf onerestart

It complained -- I un-commented ALL of $wi*. Error went away.
Why? I only have $wired_if  (as wm0) . Why the other
2 vars needed?

'ifconfig npflog0'  worked

in 'netstat -ain' I see npflo. Why that name -- shouldnt it it be npflog ?


On Wed, Jul 10, 2024 at 3:16 PM Brad Spencer <brad%anduin.eldar.org@localhost> wrote:
>
> Todd Gruhn <tgruhn2%gmail.com@localhost> writes:
>
> > I did:   'ifconfig npflog0'
> >
> >        Result:  ifconfig: SIOCGIFFLOGS npflog0: device not configured
> >
> > Something in kernel  need to turned on??
> >
>
>
> Don't think so...  except that npf needs to be in the kernel, and if you
> are using GENERIC, it will be...  you have to make sure that your
> /etc/npf.conf file has this:
>
> procedure "log" {
>           log: npflog0
> }
>
> in it and you probably need to have a rule that actually uses it.  So
> you will need at least one rule with '... apply "log"' in it.
>
> Of course, after editing /etc/npf.conf you will need to do a
> /etc/rc.d/npf reload or /etc/rc.d/npf restart.  And further, you need to
> make sure that npf=YES is in your /etc/rc.conf.
>
> If it still doesn't show up then you can probably create it.  A
> "ifconfig npflog0 create" should work, followed (probably) by a
> "ifconfig npflog0 up".   You can create a /etc/ifconfig.npflog0 file
> with a "up" in it to make this stick, but you really should not have to
> do it this way.  I do have one specialized system that does need this,
> but all of the other systems I use NPF on do not require the log device
> to be created manually.
>
>
>
>
>
> --
> Brad Spencer - brad%anduin.eldar.org@localhost - KC8VKS - http://anduin.eldar.org


Home | Main Index | Thread Index | Old Index