Matthew Seaman writes:
> >> Can someone affirmatively verify that this part (30.6.1) of the
> >> Handbook is correct? Particularly the last sentence.
> >> Quote:
> >>
> >> IPFW is included in the basic FreeBSD install as a
> >> separate run time loadable module. The system will
> >> dynamically load the kernel module when the rc.conf
> >> statement firewall_enable="YES" is used. There is no need
> >> to compile IPFW into the FreeBSD kernel unless NAT
> >> functionality is desired.
> >
> > Yes, it is correct.
> >
> > You can also load during runtime:
> >
> > # kldload ipfw.ko
>
> That' not really the issue with what the quoted paragraph says.
> Enabling ipfw functionality by loading a kernel module is not under
> contention. The question is about ipfw+NAT. That paragraph says you
> have to compile ipfw into the kernel to use ipfw+NAT, however on a
> RELENG_8 system (at least) there's a loadable ipfw_nat.ko module.
> Which very much implies you *don't* need to compile ipfw into the
> kernel for ipfw+NAT nowadays.
Exactly!
Robert Huff
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
