npf 'bpf.jit' errors out?

To: tech-net%NetBSD.org@localhost
Subject: npf 'bpf.jit' errors out?
From: Hauke Fath <hf%spg.tu-darmstadt.de@localhost>
Date: Mon, 10 Apr 2017 14:02:58 +0200

Hi,

on netbsd-7, a minimal npf(4) & blacklistd(8) setup to ward off ssh 
script kiddies complains about

set bpf.jit on; 

with

# /etc/rc.d/npf reload
Reloading NPF ruleset.
npfctl: error loading the bpfjit module; performance will be degraded: 
Operation not permitted
npfctl: To disable this warning `set bpf.jit off' in /etc/npf.conf
#
Okay, this is a minimal installation with a monolithic kernel. 
bpfjit(4) suggests

     options BPFJIT
     options SLJIT

(which isn't in any kernel config on either amd64 or i386 - why?), but 
that doesn't seem to help:

# config -x /netbsd | grep JIT
options         BPFJIT
options         SLJIT
# sysctl net.bpf
net.bpf.maxbufsize = 1048576
#

Anything else I am missing?

Cheerio,
hauke

-- 
     The ASCII Ribbon Campaign                    Hauke Fath
()     No HTML/RTF in email            Institut für Nachrichtentechnik
/\     No Word docs in email                     TU Darmstadt
     Respect for open standards              Ruf +49-6151-16-21344

Follow-Ups:
- Re: npf 'bpf.jit' errors out?
  - From: Roy Marples

Prev by Date: Re: Talking to yourself: redirect via lo?
Next by Date: Re: npf 'bpf.jit' errors out?
Previous by Thread: Talking to yourself: redirect via lo?
Next by Thread: Re: npf 'bpf.jit' errors out?
Indexes:

Home | Main Index | Thread Index | Old Index