[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: start PF packet filter at boot time


Please drop debian-boot from CC in your reply (this is off-topic there)

2011/2/18 Kostya Berger <bergerkos@yahoo.co.uk>:
> Just can anyone explain these two:
> 1) -- How do we make things start on boot in kfreebsd? Is there any special
> /etc/init.d script to start each thing?Things like PF packet filter.
> In FreeBSD we have that file /etc/rc.conf where we define such things.

In all Debian flavours you can use /etc/rc.local, but...

> 2)  -- How do we make the system understand which modules to load on start
> up?
> Now there is that file /boot/loader.conf and directory /boot/kfreebsd-$arch.
> In the latter we place
> our modules to load and in the former we put a string like "pf_load="YES""
> (to load pf.ko at boot
> time) in the good old FreeBSD style. But this doesn't work for some reason,
> the module doesn't get
> loaded. Although when updating GRUB it gives off some message like "found
> directory /boot/kfreebsd-$arch...".
> But on the next boot the modules in question still aren't loaded till I
> kldload them manually.

On Debian GNU/kFreeBSD for loading arbitrary modules there's
/etc/modules IIRC.

> ***And no, pf is NOT compiled into kernel either, for the command `pfctl`
> doesn't work until I `kldload pf`.
> So do I have to write an initscript including the command to load the needed
> module and put it into init directory?
> Or is there any other way?

I wonder if this should be handled better (e.g. pfctl could
kldload() what it needs).  Please consider filing a bug
report [1] to freebsd-utils package.


[1] http://www.debian.org/Bugs/Reporting

Robert Millan

Reply to: