Bernd Ernesti wrote:

>> Kernel: IP Filter: v4.1.22
 >> Running: yes
>>          ^^^
> 
> And that is the 'problem' with this kind of change. Loading the lkm with this
> change enabled ipfilter at load time.

Here's what I did:

# cd /usr/src
# cvs update -D 20070603 dist/ipf sys/dist/ipf sys/lkm/netinet/if_ipl

# cd /usr/src/sys/arch/i386/conf
# diff LIFEBOOK LKM
1396c1396
< pseudo-device ipfilter                # IP filter (firewall) and NAT
---
 > #pseudo-device        ipfilter                # IP filter (firewall) and NAT

# cd /usr/src/sys/arch/i386/compile/LKM
# make dependall
depending the kern library objects
depending the compat library objects
making sure the compat library is up to date...
`libcompat.a' is up to date.
making sure the kern library is up to date...
`libkern.o' is up to date.

# /usr/src/sys/lkm/netinet/if_ipl
# make clean
# make all install

# modstat
Type    Id   Offset Loadaddr Size Info     Rev Module Name
# ipf -V
ipf: IP Filter: v4.1.22 (396)
open device: Device not configured
# modload /usr/lkm/if_ipl.o
Module loaded as ID 0
# ipf -V
ipf: IP Filter: v4.1.22 (396)
Kernel: IP Filter: v4.1.22
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0
Feature mask: 0x103


So, even with the code before my changes IPF was activated upon load time so my 
change did not break/change anything. Or am I missing something here?

The "enable or not enable upon load time" is a different case we need to fix 
later, first I want to be sure I did not break anything with this simple rename...

Martti