blacklistd and bpfjit

To: netbsd-users%netbsd.org@localhost
Subject: blacklistd and bpfjit
From: Gerard Lally <gerard.lally%gmail.com@localhost>
Date: Mon, 27 Mar 2017 16:07:58 +0100

I have been testing blacklistd today. It works nicely, but one thing I
don't understand is whether or not the bpfjit module is needed.

I have securelevel=1 in rc.conf. To load the module early, before
securelevel gets raised, I added bpfjit to /etc/modules.conf, and then
"set bpf.jit on;" in npf.conf.

However, when I reload npf rules I get the following complaint:

npfctl: error loading the bpfjit module; performance will be degraded:
Operation not permitted
npfctl: To disable this warning `set bpf.jit off' in /etc/npf.conf

So I set bpf.jit off instead, and blacklistd continues to work fine. I
presume bpf.jit is not really necessary for blacklistd to work properly?

Follow-Ups:
- Re: blacklistd and bpfjit
  - From: atomicules

Prev by Date: Re: PLIP
Next by Date: Re: blacklistd and bpfjit
Previous by Thread: PLIP
Next by Thread: Re: blacklistd and bpfjit
Indexes:

Home | Main Index | Thread Index | Old Index