Hi Roberto,

>>>># ipf -V
>>>>ipf: IP Filter: v4.1.8 (396)
>>>>open device: Device not configured
>>>>
>>>>What's that? Do I need to recompile a kernel?
>>> Yes, you probably do need to recompile the kernel. Which kernel are
>>> you running with? GENERIC has:
>>>     pseudo-device   ipfilter                # IP filter (firewall) and NAT
>>
>> The official Generic Kernel from :
>> ftp://iso2.de.netbsd.org/pub/NetBSD/iso/3.0/i386cd-3.0.iso
>>
>> How may I know if this option is set into the kernel I am using?
>
> I know the supplied kernels include the configuration file itself.
> You should open your running kernel with "vi" and search for
> "START CONFIG FILE" string: after that there should be info you need (ipfilter
> is defined or not ? or is it commented with an "#"?)

Thank you for the very useful tip!

# vi /netbsd

_CFG_# network pseudo-devices
_CFG_pseudo-device\011bpfilter\0118\011# Berkeley packet filter
_CFG_pseudo-device\011ipfilter\011\011# IP filter (firewall) and NAT
_CFG_pseudo-device\011loop\011\011\011# network loopback

It seems that ipfilter is already into the kernel I use!

> BTW, on netbsd-GENERIC from multicd1.iso the ipfilter is compiled in.

It is also the case here.

If it may help :

# ifconfig -a
ex0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        capabilities=7<IP4CSUM,TCP4CSUM,UDP4CSUM>
        enabled=0
        address: 00:10:4b:09:54:59
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 10.200.40.37 netmask 0xffffff00 broadcast 10.200.40.255
        inet6 fe80::210:4bff:fe09:5459%ex0 prefixlen 64 scopeid 0x1
tlp0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        address: 00:50:bf:a9:d9:f9
        media: Ethernet autoselect (none)
        status: no carrier
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33192
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3

Is there here anything wrong?

I am quite pointless :-(

Thanks,

Sylvain.