# Compiling Custom Kernel error on Freebsd 8.0



## cybercoke (Mar 26, 2010)

Hi guys, i'm new in the BSD world :stud and i was trying to compile a custom kernel with the FIREWALL options above, but i got UNKNOWN OPTION erros in each one:

Ex.: unknown option "FIREWALL_DEFAULT_TO_ACCEPT"


```
options         FIREWALL
options         FIREWALL_VERBOSE
options         FIREWALL_VERBOSE_LIMIT=50000
options         FIREWALL_DEFAULT_TO_ACCEPT
options         IPDIVERT
options         DUMMYNET
options         HZ=1000
```


Does any one knows if this options has changed the way of declaration or something ?

Thank's for the help.


----------



## DutchDaemon (Mar 26, 2010)

It's IPFIREWALL.


----------



## jalla (Mar 26, 2010)

cybercoke said:
			
		

> Hi guys, i'm new in the BSD world :stud and i was trying to compile a custom kernel with the FIREWALL options above, but i got UNKNOWN OPTION erros in each one:
> 
> Ex.: unknown option "FIREWALL_DEFAULT_TO_ACCEPT"
> 
> ...



It's `IPFIREWALL_*`

```
gnome:/sys# grep FIREWALL /sys/{,amd64}/conf/NOTES
/sys//conf/NOTES:# IPFIREWALL enables support for IP firewall construction, in
/sys//conf/NOTES:# conjunction with the `ipfw' program.  IPFIREWALL_VERBOSE sends
/sys//conf/NOTES:# logged packets to the system logger.  IPFIREWALL_VERBOSE_LIMIT
/sys//conf/NOTES:# WARNING:  IPFIREWALL defaults to a policy of "deny ip from any to any"
/sys//conf/NOTES:# IPFIREWALL_DEFAULT_TO_ACCEPT causes the default rule (at boot) to
/sys//conf/NOTES:# depends on IPFIREWALL if compiled into the kernel.
/sys//conf/NOTES:# IPFIREWALL_FORWARD enables changing of the packet destination either
/sys//conf/NOTES:# IPFIREWALL_NAT adds support for in kernel nat in ipfw, and it requires
/sys//conf/NOTES:options 	IPFIREWALL		#firewall
/sys//conf/NOTES:options 	IPFIREWALL_VERBOSE	#enable logging to syslogd(8)
/sys//conf/NOTES:options 	IPFIREWALL_VERBOSE_LIMIT=100	#limit verbosity
/sys//conf/NOTES:options 	IPFIREWALL_DEFAULT_TO_ACCEPT	#allow everything by default
/sys//conf/NOTES:options 	IPFIREWALL_FORWARD	#packet destination changes
/sys//conf/NOTES:options 	IPFIREWALL_NAT		#ipfw kernel nat support
/sys//conf/NOTES:# DUMMYNET enables the "dummynet" bandwidth limiter.  You need IPFIREWALL
```


----------



## SirDice (Mar 26, 2010)

See /usr/src/sys/conf/NOTES:


```
options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
options         IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
options         IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by default
options         IPFIREWALL_FORWARD      #packet destination changes
options         IPFIREWALL_NAT          #ipfw kernel nat support
options         IPDIVERT                #divert sockets
```


----------



## jalla (Mar 26, 2010)

Ok, any more =)


----------



## cybercoke (Mar 26, 2010)

Thank you all guys !!

Sorry for the dummie question !~:stud

See ya!


----------

