Kernel Options
While pf can be loaded as a kernel module, ALTQ cannot. If the kernel is to be recompiled, may as well add both. Below are all the pieces available, but not all are required depending on usage. If there is no intended use of ALTQ, then kernel modules may be used instead.
# pf - manually added device pf # OpenBSD Packet Filter firewall device pflog # pseudo network device for logging device pfsync # state change log interface (HA) # ALTQ - queues options ALTQ # ALTQ framework options ALTQ_CBQ # Class Based Queueing options ALTQ_RED # Random Early Detection options ALTQ_RIO # Random Early Detection In and Out options ALTQ_HFSC # Hierarchical Fair Service Curve Sched. options ALTQ_PRIQ # Priority Queueing. high traffic first options ALTQ_NOPCC # SMP support. Required on SMP systems
There are some pieces for rc.conf:
# pf pf_enable="YES" # enable pf pf_rules="/etc/pf.conf" # rules definition file for pf pf_flags="" # additional flags for pfctl pflog_enable="YES" # start pflogd(8) pflog_logfile="/var/log/pflog" # where pflogd stores logfile pflog_flags="" # additional flags for pflogd
Example configurations for pf can be found in /usr/share/examples/pf on FreeBSD. Or, read through the documentation.
Recompile the kernel and restart. Or, if using modules: kldload pf.
No comments:
Post a Comment