IP Filter won’t load – what I did when IP Filter didn’t load

IP Filter won’t load – what I did when IP Filter didn’t load

When you are upgrading your system to a newer version of FreeBSD, you need to
recompile IP Filter.   This section describes the problem I encountered when
upgrading to FreeBSD 3.1-RELEASE from FreeBSD 2.2.8-STABLE and how I fixed it.

The symptoms

I had some problems getting ipfilter to run.  The errors I was getting
were during the modload and looked like this:

../../ip_fil.c:215: Undefined symbol  '_fr_checkp referenced from 
                                                       text segment
../../ip_fil.c:236: Undefined symbol  '_fr_checkp referenced from 
                                                       text segment
../../ip_fil.c:237: Undefined symbol  '_fr_checkp referenced from 
                                                       text segment
../../ip_fil.c:239: Undefined symbol  '_fr_checkp referenced from 
                                                       text segment
../../ip_fil.c:1014: Undefined symbol  '_ip_optcopy referenced from 
                                                       text segment

modload: /usr/bin/ld return code 1

The above failure of modload /lkm/if_ipl.o, caused the following errors when
ipnat -f /etc/ipfrules was executed:

/dev/ipnat open: device not configured
ioctl(SIOCADDRFR): Bad file descriptor
ioctl(SIOCADDRFR): Bad file descriptor
ioctl(SIOCADDRFR): Bad file descriptor
.
.
.

The file line above repeated, one for each line in /etc/ipfrules.

The solution

If you have upgraded your system, you should also recompile IP Filter before you
reboot with the new operating system.  I should have reinstalled IP Filter from scratch. 

If you really want to see what I
did wrong, my silly mistakes are available for your
amusement.