Jan 191999
IP Filter won’t load – what I did when IP Filter didn’t load
When you are upgrading your system to a newer version of FreeBSD, you need to recompile IP Filter. This section describes the problem I encountered when upgrading to FreeBSD 3.1-RELEASE from FreeBSD 2.2.8-STABLE and how I fixed it.The symptoms
I had some problems getting ipfilter to run. The errors I was getting were during the modload and looked like this:
../../ip_fil.c:215: Undefined symbol '_fr_checkp referenced from
text segment
../../ip_fil.c:236: Undefined symbol '_fr_checkp referenced from
text segment
../../ip_fil.c:237: Undefined symbol '_fr_checkp referenced from
text segment
../../ip_fil.c:239: Undefined symbol '_fr_checkp referenced from
text segment
../../ip_fil.c:1014: Undefined symbol '_ip_optcopy referenced from
text segment
modload: /usr/bin/ld return code 1
The above failure of modload /lkm/if_ipl.o, caused the following errors when ipnat -f /etc/ipfrules was executed:
/dev/ipnat open: device not configured ioctl(SIOCADDRFR): Bad file descriptor ioctl(SIOCADDRFR): Bad file descriptor ioctl(SIOCADDRFR): Bad file descriptor . . .
The file line above repeated, one for each line in /etc/ipfrules.
The solution
If you have upgraded your system, you should also recompile IP Filter before you reboot with the new operating system. I should have reinstalled IP Filter from scratch.If you really want to see what I did wrong, my silly mistakes are available for your amusement.