I've been using pf and pflogd enabled kernels and pf for about a year
on both i386 amd64 systems, and havent see any problem... though i have
simple pf rules.
Regards,
Cem
matthew sporleder, 11/19/08 17:20:
On Wed, Nov 19, 2008 at 9:41 AM, Dave B <spam%y2008.pianocast.net@localhost> wrote:
I don't know the answer to why it's not enabled by default;
although I seem to recall reading on the lists that there were
problems, historically at least, with pf's interaction with other
subsystems--when statically compiled into the kernel. As an
lkm(4), however, pf works well.
To enable the pf LKM at bootup--without having to recompile the
kernel--add it to /etc/lkm.conf, e.g.:
/usr/lkm/pf.o - - - - -
and ensure LKMs are enabled in /etc/rc.conf:
lkm=YES
Or, with a GENERIC kernel, I think you can just issue the command
modload /usr/lkm/pf.o
and make it instantly available, even on an up-and-running system.
Also add:
lkm=YES
pf=YES
to rc.conf
I've been running this setup for the past two years.
|