>Number:         37363
>Category:       install
>Synopsis:       The "pf" doesn't work with GENERIC.MP
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    install-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Nov 12 00:35:00 +0000 2007
>Originator:     Randolf Richardson
>Release:        NetBSD 4.0 RC3
>Organization:
Inter-Corporate Computer & Network Services, Inc.
>Environment:
NetBSD netbsd4.lumbercartel.ca 4.0_RC3 NetBSD 4.0_RC3 (GENERIC) #0: Tue Oct 16 01:14:06 PDT 2007  builds@wb34:/home/builds/ab/netbsd-4-0-RC3/i386/200710160011Z-obj/home/builds/ab/netbsd-4-0-RC3/src/sys/arch/i386/compile/GENERIC i386

>Description:
During install from the ISOs, if I select "GENERIC" then pf functions correctly.  If I select "GENERIC.MP" though, then pf won't start and the error message indicates (sorry, I'm doing this from memory) something along the lines that pf needs to be compiled for multi-processor.

>How-To-Repeat:
Install NetBSD 4.0_RC3 from the ISOs and select the "GENERIC.MP" option, then use pfctl to start pf after configuring it any way you like.  The error message will appear at this point, and pf will not be started, thus leaving the system unprotected against potential attacks from dark hackers.

>Fix:
I've asked in IRC, and folks tell me that I need to either re-compile pf with the multi-processor option, or re-compile the kernel.  I don't have the knowledge required to do this yet, so it's not an option for me.

What I've to do for now, unfortunately due to deadlines, is to re-install with the "GENERIC" option and use only one processor -- this is okay as a short-term solution, but eventually I'd like to get multi-processor working.