/dev/pf - BSD

This is a discussion on /dev/pf - BSD ; I use pf on OpenBSD with no problem. But on FreeBSD there is /dev/pf, of which I do not know the purpose. How do initialize /dev/pf so that pfctl -e -f abc works? (Also, where is pf.conf?) Thanks....

+ Reply to Thread
Results 1 to 11 of 11

Thread: /dev/pf

  1. /dev/pf

    I use pf on OpenBSD with no problem. But on FreeBSD
    there is /dev/pf, of which I do not know the purpose.
    How do initialize /dev/pf so that pfctl -e -f abc
    works? (Also, where is pf.conf?)

    Thanks.

  2. Re: /dev/pf

    dfeustel@mindspring.com wrote:
    > I use pf on OpenBSD with no problem. But on FreeBSD
    > there is /dev/pf, of which I do not know the purpose.
    > How do initialize /dev/pf so that pfctl -e -f abc
    > works? (Also, where is pf.conf?)


    You did read the manpages of pf(4) and pfctl(8), didn't you?
    What part of them exactly didn't you understand?


    Martin

    --
    "For the Snark's a peculiar creature, that won't
    Be caught in a commonplace way.
    Do all that you know, and try all that you don't;
    Not a chance must be wasted to-day!"

  3. Re: /dev/pf

    Martin Etteldorf wrote:
    > dfeustel@mindspring.com wrote:
    >> I use pf on OpenBSD with no problem. But on FreeBSD
    >> there is /dev/pf, of which I do not know the purpose.
    >> How do initialize /dev/pf so that pfctl -e -f abc
    >> works? (Also, where is pf.conf?)

    >
    > You did read the manpages of pf(4) and pfctl(8), didn't you?
    > What part of them exactly didn't you understand?
    >
    > Martin
    >


    Yes, I read the man pages. pfctl -e reports an error with /dev/pf.
    /dev/pf is not used on OpenBSD and I do not understand what I need
    to do to initialize /dev/pf on FreeBSD (Why is it needed?)

    Thanks.

  4. Re: /dev/pf

    On Tue, 29 Apr 2008 20:53:56 UTC, YANSWBVCG
    wrote:

    > Martin Etteldorf wrote:
    > > dfeustel@mindspring.com wrote:
    > >> I use pf on OpenBSD with no problem. But on FreeBSD
    > >> there is /dev/pf, of which I do not know the purpose.
    > >> How do initialize /dev/pf so that pfctl -e -f abc
    > >> works? (Also, where is pf.conf?)

    > >
    > > You did read the manpages of pf(4) and pfctl(8), didn't you?
    > > What part of them exactly didn't you understand?
    > >
    > > Martin
    > >

    >
    > Yes, I read the man pages. pfctl -e reports an error with /dev/pf.
    > /dev/pf is not used on OpenBSD and I do not understand what I need
    > to do to initialize /dev/pf on FreeBSD (Why is it needed?)


    Did you read the instructions in the FreeBSD Handbook? In particular,
    did you pu pf_enable="YES" into rc.conf?

    The manual page for pfctl actually tells you where pf.conf is.

    --
    Bob Eager
    UNIX since v6..
    http://tinyurl.com/2xqr6h


  5. Re: /dev/pf

    Bob Eager wrote:
    > On Tue, 29 Apr 2008 20:53:56 UTC, YANSWBVCG
    > wrote:
    >
    >> Martin Etteldorf wrote:
    >> > dfeustel@mindspring.com wrote:
    >> >> I use pf on OpenBSD with no problem. But on FreeBSD
    >> >> there is /dev/pf, of which I do not know the purpose.
    >> >> How do initialize /dev/pf so that pfctl -e -f abc
    >> >> works? (Also, where is pf.conf?)
    >> >
    >> > You did read the manpages of pf(4) and pfctl(8), didn't you?
    >> > What part of them exactly didn't you understand?
    >> >
    >> > Martin
    >> >

    >>
    >> Yes, I read the man pages. pfctl -e reports an error with /dev/pf.
    >> /dev/pf is not used on OpenBSD and I do not understand what I need
    >> to do to initialize /dev/pf on FreeBSD (Why is it needed?)

    >
    > Did you read the instructions in the FreeBSD Handbook? In particular,
    > did you pu pf_enable="YES" into rc.conf?


    No. That seems like a good idea. Thanks.

    > The manual page for pfctl actually tells you where pf.conf is.
    >


  6. Re: /dev/pf

    YANSWBVCG wrote:
    > Martin Etteldorf wrote:
    >> dfeustel@mindspring.com wrote:
    >>> I use pf on OpenBSD with no problem. But on FreeBSD
    >>> there is /dev/pf, of which I do not know the purpose.
    >>> How do initialize /dev/pf so that pfctl -e -f abc
    >>> works? (Also, where is pf.conf?)

    >>
    >> You did read the manpages of pf(4) and pfctl(8), didn't you?
    >> What part of them exactly didn't you understand?
    >>
    >> Martin
    >>

    >
    > Yes, I read the man pages. pfctl -e reports an error with /dev/pf.
    > /dev/pf is not used on OpenBSD and I do not understand what I need
    > to do to initialize /dev/pf on FreeBSD (Why is it needed?)


    So you obviously didn't follow the instructions in the manpage as
    described in "When the variable pf is set [...]"
    Maybe you should start doing that.


    Martin
    --
    "For the Snark's a peculiar creature, that won't
    Be caught in a commonplace way.
    Do all that you know, and try all that you don't;
    Not a chance must be wasted to-day!"

  7. Re: /dev/pf

    Martin Etteldorf wrote:
    > YANSWBVCG wrote:
    >> Martin Etteldorf wrote:
    >>> dfeustel@mindspring.com wrote:
    >>>> I use pf on OpenBSD with no problem. But on FreeBSD
    >>>> there is /dev/pf, of which I do not know the purpose.
    >>>> How do initialize /dev/pf so that pfctl -e -f abc
    >>>> works? (Also, where is pf.conf?)
    >>>
    >>> You did read the manpages of pf(4) and pfctl(8), didn't you?
    >>> What part of them exactly didn't you understand?
    >>>
    >>> Martin
    >>>

    >>
    >> Yes, I read the man pages. pfctl -e reports an error with /dev/pf.
    >> /dev/pf is not used on OpenBSD and I do not understand what I need
    >> to do to initialize /dev/pf on FreeBSD (Why is it needed?)

    >
    > So you obviously didn't follow the instructions in the manpage as
    > described in "When the variable pf is set [...]"
    > Maybe you should start doing that.
    >
    >
    > Martin


    I saw that phrase after I had read about and set enable_pf in rc.conf
    and thought that the phrase you mentioned was a typo left over from the
    original OpenBSD documentation. I still have not found any explanation
    about /dev/pf, which what I still don't nderstand. It would be helpful
    if there were a short explanation about why /dev/pf is needed in FreeBSD
    but not in OpenBSD. I'm sure I'll figure it out eventually, though.

  8. Re: /dev/pf

    dfeustel@mindspring.com wrote:
    [snip]
    >
    > I saw that phrase after I had read about and set enable_pf in rc.conf
    > and thought that the phrase you mentioned was a typo left over from the
    > original OpenBSD documentation. I still have not found any explanation
    > about /dev/pf, which what I still don't nderstand. It would be helpful
    > if there were a short explanation about why /dev/pf is needed in FreeBSD
    > but not in OpenBSD. I'm sure I'll figure it out eventually, though.


    From the OpenBSD man page:

    http://www.openbsd.org/cgi-bin/man.c...86&format=html

    Where you get this idea that OpenBSD doesn't have a /dev/pf I don't have a
    clue. But I do get a sense of you having many "preconceived" notions, many
    of which are not reflective of reality. I would suggest that instead of
    working with what "you think is the case", read the documentation and learn
    what the case truly is in the reality outside...

    Just my $.02, FWIW, YMMV,...

    -Jason

  9. Re: /dev/pf

    Jason Bourne wrote:
    > dfeustel@mindspring.com wrote:
    > [snip]
    >>
    >> I saw that phrase after I had read about and set enable_pf in rc.conf
    >> and thought that the phrase you mentioned was a typo left over from the
    >> original OpenBSD documentation. I still have not found any explanation
    >> about /dev/pf, which what I still don't nderstand. It would be helpful
    >> if there were a short explanation about why /dev/pf is needed in FreeBSD
    >> but not in OpenBSD. I'm sure I'll figure it out eventually, though.

    >
    > From the OpenBSD man page:
    >
    > http://www.openbsd.org/cgi-bin/man.c...86&format=html
    >
    > Where you get this idea that OpenBSD doesn't have a /dev/pf I don't have a
    > clue. But I do get a sense of you having many "preconceived" notions, many
    > of which are not reflective of reality. I would suggest that instead of
    > working with what "you think is the case", read the documentation and learn
    > what the case truly is in the reality outside...
    >
    > Just my $.02, FWIW, YMMV,...
    >
    > -Jason


    Actually you are correct. I did (and probably still do) have many
    incorrect notions about how things work in FreeBSD because of my
    previous experience with OpenBSD. I am discovering that things in
    FreeBSD don't work exactly like they do in OpenBSD. The command 'pfctl
    -e' is a case in point. Since noone is explaining /dev/pf, I will not
    pursue this question here anymore.


  10. Re: /dev/pf

    on 2008-04-30 11:27 YANSWBVCG said the following:
    > -e' is a case in point. Since noone is explaining /dev/pf, I will not
    > pursue this question here anymore.


    If you like:
    > A pseudo-device, /dev/pf,
    > allows userland processes to control the behavior of the packet filter
    > through an ioctl(2) interface.


    That's what it's for.

    //jbaltz
    --
    jerry b. altzman jbaltz@altzman.com www.jbaltz.com
    thank you for contributing to the heat death of the universe.

  11. Re: /dev/pf

    YANSWBVCG wrote:

    [snip]
    >
    >... Since noone is explaining /dev/pf, I will not
    > pursue this question here anymore.


    Sorry, but it is explained in the man page. PF is in the kernel, and /dev/pf
    is a pseudo device which allows a userland application such as pfctl a
    hook, or interface, to use for communication and control. pfctl is an
    userland application. /dev/pf is a gateway between userland and kernel
    space. I'm sorry I can't explain it any better than that, and it *is* right
    there at the top of the man page! If you don't understand this now, you
    never will. PF == kernel pfctl == userland /dev/pf == bridge between
    the two.

    I started my foray into 'BSD land with OpenBSD a long time ago, long before
    PF even existed. At the time my primary interest was "hardened" operating
    systems that would be better choices to face the hostile Internet than
    Windows. I went to FreeBSD fairly shortly thereafter as it had better
    performace as a server and more apps in it's port tree. While I do like a
    couple of things the way the OpenBSD people do things I prefer the "load
    handling" and performance capability of FreeBSD.

    Not meaning to start a "my OS is better..." thing either, just expressing my
    personal preference.

    -Jason


+ Reply to Thread