Re: IPF in NetBSD 5.1-RC3

[Michael Richardson <mcr%sandelman.ca@localhost>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Michael" == Michael Richardson <mcr%sandelman.ca@localhost> writes:
    Michael> bud-[/etc] root 206 #/etc/rc.d/ipfilter start
    Michael> Enabling ipfilter.
    Michael> 229:ioctl(add/insert rule): No such process

    Michael> bud-[/etc] root 207 #sed -n 229p /etc/ipf.conf
    Michael> pass in quick proto udp from any to any port = 500  group 200   

Guessing at either an off-by-one in the error message (previous line is
a comment), or that the previous line had failed, actually, I found the
previous line was:

pass out quick                from 209.87.252.188 to any group 100

(I lied about it being the first usage of group. Ooops).
Commenting out this line, which was a temporary item anyway, and it
works.

A bit of a mystery. I'd be happy to send the original ipf.conf to
someone if they want, but I'd rather not post it to a public list.

- -- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr%sandelman.ottawa.on.ca@localhost http://www.sandelman.ottawa.on.ca/ 
|device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
                       then sign the petition. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBTDE5GYCLcPvd0N1lAQLyuwf9EkkHSCYgd55nt1qhGAVenxwXXhgZ7Ydm
hv6ZXkzcW9piFENeOjt6vHRbyp+4IHHmz0S1FDut4RuR2XYP3V6Gb+6UQdjnsJgG
wF1VjxJAY59anC9QE5SqWrl3JZRaBkHMbxDjlMGek4JtCzdT+8qu69T9e7744DWX
ycmfJ1I2QMAwDNoBqXo4loOKMzwhDtJjntNfaPbkcBIkoA4ao6E3x7OmindlPeMH
THyU0dDVaLNPZ4XzE6poYS9/nxOYYopQE6nY/1fjmLOxAp7Qj5JPsncOHICspwOq
jMT0TTdX91lUc8YD36i4P7Ol7j+gk+Yn5FdoeVtX7VhdPs5QlgTxdA==
=yTrE
-----END PGP SIGNATURE-----