Nathan J. Williams said:

>Yes, though not for any fundamental reason; it had simply been left
>out of a device configuration file. If you needed to add it to a
>custom kernel build it would be pretty easy to do.

I added it to my config file:

pseudo-device   ipfilter                # ip filter
options         IPFILTER_LOG

I also added from MAKEDEV for a recent -current:

crw-------  1 root  wheel  37, 3 May  9 19:22 /dev/ipauth
crw-------  1 root  wheel  37, 0 May  9 19:22 /dev/ipl
crw-------  1 root  wheel  37, 1 May  9 19:22 /dev/ipnat
crw-------  1 root  wheel  37, 2 May  9 19:22 /dev/ipstate

After booting:

molerat# ipfstat
open: Operation not supported by device

molerat# /etc/rc.d/ipfilter start
Enabling ipfilter.
open device: Operation not supported by device
IPFilter enabled?
SIOCFRENB: Bad file descriptor
open device: Operation not supported by device
IPFilter enabled?
ioctl(SIOCIPFFL): Bad file descriptor
open device: Operation not supported by device
IPFilter enabled?
5:ioctl(add/insert rule): Bad file descriptor
6:ioctl(add/insert rule): Bad file descriptor

Kind of amusing since ipfilter works fine with SunOS 4.1.1, which the
box was running previously.

-- 
Rick Kelly  rmk@rmkhome.com  www.rmkhome.com