Solved [Solved] How do I install PF On FreeBSD 9.2?

Itproman

Itproman

I've just installed FreeBSD 9.2 and I'm having a few issues, but nothing serious. I am trying to install and set up a firewall. Firstly, I tried PF but that didn't work (already have it on PC-BSD). Then I managed to fire up IPFW but I had no internet and when I looked at the rules file I gasped! Too complicated for me.

I just tried to have another go at PF but upon rebooting the system says:
Code: 
PF not found

I've copied the sample pf.conf file to /etc and copied a few lines from the PC-BSD's computer file to test. I have read the firewalls section in the manual but I'm missing it somewhere.

Can someone help me get a firewall (preferably PF, then I can copy from PC-BSD {as long as it doesn't involve recompiling the kernel - that's way beyond me at this point)) up, because I don't want to run wide open.
 
There's nothing to install, PF is part of the base OS. Just kldload pf and you're good to go. If you enable PF in /etc/rc.conf the module will get loaded automatically.
 
Please show exactly what has been done. The error is not specific enough to tell exactly where the problem lies.
 
This is what I have added to /etc/rc.conf:

Code: 
#Enable PF Firewall
pf_rules="/etc/pf.conf"
pf_enable="YES"
pf_flags=""

When I try the command @SirDice suggests, here is the output:

Code: 
root@freebsdbox:/etc # kldload pf
kldload: can't load pf: File exists

If I type: pfctl -e, I get:

Code: 
root@freebsdbox:/etc # pfctl -e
No ALTQ support in kernel
ALTQ related functions disabled
pfctl: pf already enabled

so I guess it is working.

My pf.conf:

(only additions I have made):
Code: 
set skip on lo

scrub in all


#Allow all incoming traffic

pass out keep state

#NIC Rules
pass in quick on bge0 proto tcp from any to (bge0) port 80 keep state
pass in quick on bge0 proto tcp from any to (bge0) port 22 keep state
These are just a few lines I copied from my PC-BSD 9.1 computer, for testing.
 
Last edited by a moderator:
I would recommend that you remove the pf_flags option since you are not actually using it.

More as an FYI type of comment .. the parentheses around bge0 is only needed if the IP address assignment is via DHCP.

Lastly, is PF working the way that you want it to?
 
Code: 
# kldload pf
kldload: can't load pf: No such file or directory

# locate pf.ko
.
.
/boot/kernel/pf.ko
/boot/kernel/pf.ko.symbols
.
.

# kldload pf.ko
kldload: can't load pf.ko: No such file or directory
Never seen things like this before.
 
Re: [SOLVED]How do I install PF On FreeBSD 9.2?

Code: 
w:~ #  sysctl kern.module_path
kern.module_path: /boot/kernel;/boot/modules
 
You must log in or register to reply here.
Back
Top