On Tue, Mar 29, 2011 at 10:07, Leslie Jensen <leslie@xxxxxxx> wrote: > On 2011-03-29 14:52, Kevin Wilcox wrote: >> I can confirm that PF on 3.1.11, running on FreeBSD 8.2-RELEASE, works >> great. >> >> The setup: >> >> Base 8.2-RELEASE install >> Rebuilt GENERIC kernel with pf, pfsync, pflog added (literally three >> lines added to GENERIC) > > I'm using a GENERIC kernel, on the former 7.2 system I didn't rebuild the > kernel either. Do you think I need to do that? You shouldn't need to, I just did it because I need access to pflog and the pfsync device for pulling out NAT/PAT information. Out of curiosity, if you do a "pfctl -s info", do you get something like: INFO: Status: Enabled for 43 days 05:17:26 ============================= My "options" file from /var/db/ports/squid: ++++++++++++++++++++++++++++++ # This file is auto-generated by 'make config'. # No user-servicable parts inside! # Options for squid-2.7.9 _OPTIONS_READ=squid-2.7.9 WITHOUT_SQUID_KERB_AUTH=true WITHOUT_SQUID_LDAP_AUTH=true WITHOUT_SQUID_NIS_AUTH=true WITHOUT_SQUID_SASL_AUTH=true WITHOUT_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITHOUT_SQUID_CARP=true WITHOUT_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITHOUT_SQUID_HTCP=true WITHOUT_SQUID_VIA_DB=true WITHOUT_SQUID_CACHE_DIGESTS=true WITHOUT_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITH_SQUID_USERAGENT_LOG=true WITHOUT_SQUID_ARP_ACL=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITHOUT_SQUID_FOLLOW_XFF=true WITHOUT_SQUID_AUFS=true WITHOUT_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true ++++++++++++++++++++++++++++++ This is for the latest stable 2.7 (2.7-STABLE9). kmw
