Using the Lion Pf Firewall with the Emerging Threats List 18/08/2012 14:46

Total Page:16

File Type:pdf, Size:1020Kb

Using the Lion Pf Firewall with the Emerging Threats List 18/08/2012 14:46 Using the Lion pf firewall with the Emerging Threats list 18/08/2012 14:46 Using the Lion pf firewall with the Emerging Threats list Mac OS X has multiple firewall options. Most users are familiar with the application level firewall. Each application that opens a network socket needs explicit user permission and is managed through the System Preferences Firewall panel. There is also another less well known firewall tool available. It a kernel-level packet filter. Since parts of Mac OS X are derived from FreeBSD, the packet filter has been ipfw, the default packet filter in FreeBSD. With the release of Mac OS X Lion (10.7), there is another packet filter tool available: pf. In fact, ipfw is deprecated and pf is the new packet filter hotness. pf is the OpenBSD packet filter. It is a robust software package with many impressive and useful features. FreeBSD also has pf, and now Lion does too. I have built several transparent bridge packet filters on FreeBSD and pf. The performance has been met our needs and that includes several tables with over 4000 entries that we block. One those tables includes the Emerging Threats Block IP list. Emerging Threats is an open source community project that collects IP addresses of the “bad guys” and then shares that collection in the form of routers access control lists (ACLs), firewall rules, intrusion detection/prevention rules, and just a plain old list. The project collects IP addresses and network ranges of known attackers, spammers, malware sites, botnet control systems, and other unpleasantness on the internet. They publish rules and lists daily. When you load these rules into your network security device, you can block those IP addresses or get an alert when one attempts to reach your network. At my office, we just use the plain list and load it into a pf table with that says any IP address in this table is bad, so just block it. Now that Lion supports pf, we can easily use the Emerging Threat list on our Macs. By loading the Emerging Threats block list into a table on your Lion system you can block packets from some of the bigger bad guys on the internet. Setting up rules using an anchor Lion uses pf anchors to divide up filter rules into functional groups. We can also use this technique and create an anchor. Edit your /etc/pf.conf file to include the following lines: anchor "emerging-threats" load anchor "emerging-threats" from "/etc/pf.anchors/emerging-threats" Now we need to write the lines for the anchor we defined. From the pf.conf configuration we just added, those should go into the file /etc/pf.anchors/emerging-threats. Create that file and add these lines: table <emerging_threats> persist file "/etc/emerging-Block-IPs.txt" block log from <emerging_threats> to any The first line establishes a table called emerging_threats and on an initial start will load the contents of the /etc/emerging-Block-IPs.txt file. The second line is the filter rule that blocks and logs from any IP address or network listed in the emerging_threats table. If you are not interested in logging the packets that are dropped, just leave out the log keyword. Now, we need to acquire the Emerging Threats list and save it to the /etc directory. The URL for the list is http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt You download it and save it using your browser or execute these commands: $ curl http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt -o /tmp/emerging-Block-IPs.txt $ sudo cp /tmp/emerging-Block-IPs.txt /etc $ sudo chmod 644 /etc/emerging-Block-IPs.txt To load the new pf rules, execute the following command: $ sudo pfctl -f /etc/pf.conf http://ikawnoclast.com/2012/04/using-the-lion-pf-firewall-with-the-emerging-threats-list.html Page 1 of 2 Using the Lion pf firewall with the Emerging Threats list 18/08/2012 14:46 On system start, launchd loads pf from the /System/Library/LaunchDaemons/com.apple.pfctl.plist file. It loads the default rule set which now contains our anchor for the Emerging Threats table. So we are good to go with the basics. Logging dropped packets For some strange reason, Lion does not include pflogd, a daemon to record logged packets into a file. The only way to capture the packets logged from the Emerging Threats block table is to use tcpdump to listen on the pflog0 interface and write the results to a file. To me that does not seem to be the best approach. I will spend time on this problem and post another blog entry on a solution. For now, you can monitor those logged packets using this command from the pflog(4) man page as an example: $ sudo tcpdump -n -e -ttt -i pflog0 Those are the basic steps needed to get pf to use the Emerging Threats list and avoid some of the less trustworthy IPs out there. This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. http://ikawnoclast.com/2012/04/using-the-lion-pf-firewall-with-the-emerging-threats-list.html Page 2 of 2.
Recommended publications
  • Active-Active Firewall Cluster Support in Openbsd
    Active-Active Firewall Cluster Support in OpenBSD David Gwynne School of Information Technology and Electrical Engineering, University of Queensland Submitted for the degree of Bachelor of Information Technology COMP4000 Special Topics Industry Project February 2009 to leese, who puts up with this stuff ii Acknowledgements I would like to thank Peter Sutton for allowing me the opportunity to do this work as part of my studies at the University of Queensland. A huge thanks must go to Ryan McBride for answering all my questions about pf and pfsync in general, and for the many hours working with me on this problem and helping me test and debug the code. Thanks also go to Theo de Raadt, Claudio Jeker, Henning Brauer, and everyone else at the OpenBSD network hackathons who helped me through this. iii Abstract The OpenBSD UNIX-like operating system has developed several technologies that make it useful in the role of an IP router and packet filtering firewall. These technologies include support for several standard routing protocols such as BGP and OSPF, a high performance stateful IP packet filter called pf, shared IP address and fail-over support with CARP (Common Address Redundancy Protocol), and a protocol called pfsync for synchronisation of the firewalls state with firewalls over a network link. These technologies together allow the deployment of two or more computers to provide redundant and highly available routers on a network. However, when performing stateful filtering of the TCP protocol with pf, the routers must be configured in an active-passive configuration due to the current semantics of pfsync.
    [Show full text]
  • Hotmobile 2006
    After lunch (at a pub), John- Dan Langille ended the confer- find that the paper summaries Mark Garner ([email protected]) ence by giving away books and contained in this overview are gave a presentation about writ- T-shirts. Some books were given extremely brief and are intended ing device drivers in FreeBSD. Of to people chosen randomly [by only to help you identify those course, you can’t learn how to using random() to assign num- papers you would like to read in write device drivers in an hour, bers to all attendees, then sort- full. Those readers interested in a but Garner did a good job of pro- ing] and for various feats. Some- longer summary should refer to viding an overview of the frame- one won a book by spending the Digest of Proceedings that work available. I finally learned over six hours trying to get appears at the end of the work- what has happened to minor de- through Canadian customs. shop proceedings. This digest in- vices (made unnecessary because (There was actually someone cludes a summary of the discus- of devfs). Garner also talked who had spent longer, but he sions that followed each of the about softc, a newer, more effi- had already won a book.) presentations. cient framework for writing de- This overview is based on the vice drivers, about how re- HotMobile 2006: 7th IEEE written notes taken by two stu- sources (memory, IRQs, and Workshop on Mobile Comput- dent volunteers, Tapan Parikh ports) should be handled, and ing Systems and Applications and Alex Varshavsky.
    [Show full text]
  • David Gwynne <[email protected]>
    firewalling with OpenBSD's pf and pfsync David Gwynne <[email protected]> Thursday, 17 January 13 introduction ‣ who am i? ‣ what is openbsd? ‣ what are pf and pfsync? ‣ how do i use them? ‣ ask questions whenever you want Thursday, 17 January 13 who am i? ‣ infrastructure architect in EAIT at UQ ‣ i do stuff, including run the firewalls ‣ a core developer in openbsd ‣ i generally play with storage ‣ but i play with the network stack sometimes Thursday, 17 January 13 what is openbsd? ‣ open source general purpose unix-like operating system ‣ descended from the original UNIX by way of berkeley and netbsd ‣ aims for “portability, standardization, correctness, proactive security and integrated cryptography.” ‣ supports various architectures/platforms Thursday, 17 January 13 what is openbsd? ‣ one source tree for everything ‣ kernel, userland, doco ‣ bsd/isc/mit style licenses on all code (with some historical exceptions) ‣ 6 month dev cycle resulting in a release ‣ 3rd party software via a ports tree ‣ emergent focus on network services Thursday, 17 January 13 what is openbsd? ‣ it is very aggressive ‣ changes up and down the stack (compiler to kernel) to make a harsher, stricter, and less predictable runtime environment ‣ minimal or no backward compatibility as things move forward ‣ whole tree is checked for new bugs ‣ randomise as much as possible all over Thursday, 17 January 13 what is openbsd? ‣ it is extremely conservative ‣ tree must compile and work at all times ‣ big changes go in at the start of the cycle ‣ we’re not afraid to back stuff out ‣ peer review is necessary ‣ we do back away from some tweaks for the sake of usability Thursday, 17 January 13 what is pf? ‣ short for packet filter ‣ the successor to IP Filter (ipf) ‣ ipf was removed due to license issues ‣ the exec summary is that it is a stateful filter for IP (v4 and v6) traffic ‣ does a little bit more than that though..
    [Show full text]
  • Freebsd Handbook
    FreeBSD Handbook http://www.freebsd.org/doc/en_US.ISO8859-1/books/han... FreeBSD Handbook The FreeBSD Documentation Project Copyright © 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 The FreeBSD Documentation Project Welcome to FreeBSD! This handbook covers the installation and day to day use of FreeBSD 8.3-RELEASE and FreeBSD 9.1-RELEASE. This manual is a work in progress and is the work of many individuals. As such, some sections may become dated and require updating. If you are interested in helping out with this project, send email to the FreeBSD documentation project mailing list. The latest version of this document is always available from the FreeBSD web site (previous versions of this handbook can be obtained from http://docs.FreeBSD.org/doc/). It may also be downloaded in a variety of formats and compression options from the FreeBSD FTP server or one of the numerous mirror sites. If you would prefer to have a hard copy of the handbook, you can purchase one at the FreeBSD Mall. You may also want to search the handbook. REDISTRIBUTION AND USE IN SOURCE (XML DOCBOOK) AND 'COMPILED' FORMS (XML, HTML, PDF, POSTSCRIPT, RTF AND SO FORTH) WITH OR WITHOUT MODIFICATION, ARE PERMITTED PROVIDED THAT THE FOLLOWING CONDITIONS ARE MET: 1. REDISTRIBUTIONS OF SOURCE CODE (XML DOCBOOK) MUST RETAIN THE ABOVE COPYRIGHT NOTICE, THIS LIST OF CONDITIONS AND THE FOLLOWING DISCLAIMER AS THE FIRST LINES OF THIS FILE UNMODIFIED. 2. REDISTRIBUTIONS IN COMPILED FORM (TRANSFORMED TO OTHER DTDS, CONVERTED TO PDF, POSTSCRIPT, RTF AND OTHER FORMATS) MUST REPRODUCE THE ABOVE COPYRIGHT NOTICE, THIS LIST OF CONDITIONS AND THE FOLLOWING DISCLAIMER IN THE DOCUMENTATION AND/OR OTHER MATERIALS PROVIDED WITH THE DISTRIBUTION.
    [Show full text]
  • Contents in Detail
    CONTENTS IN DETAIL FOREWORD by Bob Beck (from the first edition) xv ACKNOWLEDGMENTS xvii INTRODUCTION xix This Is Not a HOWTO ............................................... xx What This Book Covers .............................................. xx 1 BUILDING THE NETWORK YOU NEED 1 Your Network: High Performance, Low Maintenance, and Secure ................. 1 Where the Packet Filter Fits In .......................................... 3 The Rise of PF ..................................................... 3 If You Came from Elsewhere ........................................... 6 Pointers for Linux Users ........................................ 6 Frequently Answered Questions About PF............................ 7 A Little Encouragement: A PF Haiku ...................................... 9 2 PF CONFIGURATION BASICS 11 The First Step: Enabling PF ........................................... 12 Setting Up PF on OpenBSD .................................... 12 Setting Up PF on FreeBSD ..................................... 13 Setting Up PF on NetBSD ...................................... 15 A Simple PF Rule Set: A Single, Stand-Alone Machine ........................ 16 A Minimal Rule Set .......................................... 16 Testing the Rule Set . 18 Slightly Stricter: Using Lists and Macros for Readability........................ 18 A Stricter Baseline Rule Set..................................... 19 Reloading the Rule Set and Looking for Errors........................ 20 Checking Your Rules ......................................... 21
    [Show full text]
  • The Book of PF Covers the Most • Stay in Control of Your Traffic with Monitoring and Up-To-Date Developments in PF, Including New Content PETER N.M
    EDITION3RD BUILD A Covers OpenBSD 5.6, MORE SECURE FreeBSD 10.x, and NETWORK EDITION NETWORK 3RD NetBSD 6.x WITH PF THETHE BOOKBOOK THE BOOK OF PF OF THE BOOK THE BOOK OF PF OF THE BOOK OFOF PFPF OpenBSD’s stateful packet filter, PF, is the heart of • Build adaptive firewalls to proactively defend against A GUIDE TO THE the OpenBSD firewall. With more and more services attackers and spammers NO-NONSENSE placing high demands on bandwidth and an increas- OPENBSD FIREWALL • Harness OpenBSD’s latest traffic-shaping system ingly hostile Internet environment, no sysadmin can to keep your network responsive, and convert your afford to be without PF expertise. existing ALTQ configurations to the new system The third edition of The Book of PF covers the most • Stay in control of your traffic with monitoring and up-to-date developments in PF, including new content PETER N.M. HANSTEEN visualization tools (including NetFlow) on IPv6, dual stack configurations, the “queues and priorities” traffic-shaping system, NAT and redirection, The Book of PF is the essential guide to building a secure wireless networking, spam fighting, failover provision- network with PF. With a little effort and this book, you’ll ing, logging, and more. be well prepared to unlock PF’s full potential. You’ll also learn how to: ABOUT THE AUTHOR • Create rule sets for all kinds of network traffic, whether Peter N.M. Hansteen is a consultant, writer, and crossing a simple LAN, hiding behind NAT, traversing sysadmin based in Bergen, Norway. A longtime DMZs, or spanning bridges or wider networks Freenix advocate, Hansteen is a frequent lecturer on OpenBSD and FreeBSD topics, an occasional • Set up wireless networks with access points, and contributor to BSD Magazine, and the author of an lock them down using authpf and special access often-slashdotted blog (http://bsdly.blogspot.com/ ).
    [Show full text]
  • Limits and the Practical Usability of Bsds, a Big Data Prospective
    Limits and the Practical Usability of BSDs, a Big Data Prospective Predrag Punosevacˇ [email protected] The Auton Lab Carnegie Mellon University June 11, 2016 1 / 22 Thanks Thanks to organizers for this great meeting and for giving me the op- portunity to speak. note 1 of slide 1 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ❖ General Limitations ❖ Scientific Computing ❖ Continuation ❖ misc issues ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific Computing ❖ Continuation ❖ misc issues ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific ● Why don’t we just use SCS computing facilities? Computing ❖ Continuation ❖ misc issues ❖ NetBSD ❖ OpenBSD ❖ pf.conf and pfctl ❖ OpenBSD cons ❖ FreeBSD ❖ TrueOS ❖ TurnKey Appliance ❖ FreeNAS ❖ pfSense ❖ DragonFly BSD ❖ HAMMER ❖ Dark Clouds ❖ References 2 / 22 Intro ❖ Intro ● Who am I? ❖ Chronology ❖ Chronology II ❖ Genealogy Tree ● What is the Auton Lab? ❖ General Limitations ❖ Scientific ● Why don’t we just use SCS computing facilities? Computing ❖ Continuation ❖ misc issues ● How did
    [Show full text]
  • The Open Source Firewall in Practice
    OPNsense The open source fi rewall in practice Table of contents 1. How companies can benefit from OPNsense 3| 2. What makes OPNsense unique? 4| 2.1 The OPNsense Business Edition 3. A closer look at OPNsense 5| 3.1 Intrusion and malware detection 6| 3.2 Virtual Private Networking (VPN) 3.3 High availability 7| 3.4 Traffic analysis and traffic shaping 3.5 Further features in the core system 3.6 Plugins 8| 4. Hardware for OPNsense 8| 5. Using OPNsense 8| 5.1 Example customer A: 9| An SME specializing in the production of technical ropes 5.2 Example customer B: An SME consulting firm in the social sector 6. Plugins for OPNsense 9| 7. Transparent development model 10| 8. Plugins in an example scenario 10| 8.1 Centralized WLAN protection with the FreeRADIUS plugin 10| 8.2 Securing an Exchange Server with the Postfix plugin 14| 8.3 Monitoring with the Telegraf plugin 18| 8.4 NUT plugin for UPS integration 21| Summary 22| thomas-krenn.com | 3 OPNsense The open source fi rewall in practice Comprehensive IT security and fl exibly expandable plugins. IT managers regularly see the IT they manage intrusion detection & prevention, VPN, two- exposed to new threats. Having the latest fi rewall factor authentication and high availability. In this is no longer suffi cient. It is much more important e-book, we present OPNsense as an alternative to be able to react fl exibly to security risks. The to commercial fi rewall solutions. Our focus is on open source fi rewall OPNsense is a digital platform practical use cases in the SME context and on how that offers many additional features such as functionality can be expanded via plugins.
    [Show full text]
  • Pfsense Tutorial Slides (Application/Pdf
    pfSense Tutorial BSDCan 2008 From zero to hero with pfSense May 13, 2008 Chris Buechler <[email protected]> Scott Ullrich <[email protected]> History of pfSense Started as a work project 13 years ago when we needed a internal firewall Originally Linux, switched to FreeBSD 2.2 Evolution of this path shrunk the firewall down to a Soekris size Moatware was started Met Chris Buechler during this time Sell a number of products Sales guy moves to Florida Moatware fails Chris and myself debate starting over fresh pfSense is forked from m0n0wall roughly 4 years ago Still going strong today pfSense Overview Customized FreeBSD distribution tailored for use as a firewall and router. pfSense has many base features and can be extended with the package system including one touch installations of popular 3rd party packages such as SpamD (spam filter) and Squid (web caching). Includes many features found in commercial products such as Cisco PIX, Sonicwall, Watchguard, etc. Many support avenues available, mailing lists, forum and commercial support. Has the best price on the planet.... Free! pfSense Platforms Live CD Full Install Embedded Developers pfSense Stable Versions 1.0 - October 4, 2006 * 1.0.1 - October 20, 2006 * 1.2 - RELENG_1_2 - February 25, 2008 Downloaded more than 500,000 times to date * Not branched in CVS pfSense Development Versions Current Development Versions 1.3-ALPHA - RELENG_1 2.0-ALPHA-ALPHA-ALPHA - HEAD Snapshots are built every two hours available at http://snapshots.pfsense.org Bonus for attendees - 1.3 snapshots
    [Show full text]
  • Securing Your Network with Pfsense
    Securing Your Network with pfSense ILTA-U Dale Qualls Pattishall, McAuliffe, Newbury, Hilliard & Geraldson LLP [email protected] Housekeeping • Please turn off cell phones or put them on silent • We’ re recording this session to share with those that were unable to attend… If you have a question please wait for the microphone to make it to you. • Please fill out the survey after the session Housekeeping • 2 Hyper-V virtual machines – To release the mouse the right ALT, CTRL and Left Arrow simultaneously • Helpers are here for you What is pfSense •Firewall •Router • Load balancer (bi-directional) • VPN solution • ItInternet filter • Usage monitor • Provides a Captive portal capabilities • Based on FreeBSD PF (Packet Filter) project, ported from OpenBSD to FreeBSD in 2004 • Forked from the m0n0wall project in 2004 by Chris Buechler and Scott Ullrich • Focus is not running on embedded systems but an embedded offering is Beastie the Daemon availa ble. What’s in a name? •pfSense – pf (from the original project name) – Sense, as in making sense of pf • Domain name availability, or lack thereof, helped dictate the name. – was though by some to stand for “Plain F…… Sense”. $35 at Amazon I will be giving one away today! FreeBSD is used as a platform for devices and products from many of the world' s largest IT companies, including: FreeBSD runs some of the busiest sites on the Internet! How do I get started? What do I need • Properly sized hardware: – 100MHz Pentium CPU – 128 MB of RAM • Requirements specific to individual platforms follow. – Live CD CD-ROM drive USB flash drive or floppy drive to hold configuration file – HdHard ddirive ins tlltitallation CD-ROM for initial installation 1 GB hard drive – Embedded 128 MB Compact Flash card Serial port for console Lt’Let’s GGtet StSttd!arted! Open Hyper-V ifconfig de0 down ifconfig de0 up ifconfig de1 down ifconfig de1 up Hardware Sizing • When sizing hardware for use with pfSense, two main factors need to be considered.
    [Show full text]
  • Firewalling with Openbsd's PF Packet Filter
    Firewalling with OpenBSD’s PF packet filter Peter N. M. Hansteen [email protected] Copyright © 2005 - 2012 Peter N. M. Hansteen This document is © Copyright 2005 - 2012, Peter N. M. Hansteen. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The document is a ’work in progress’, based on a manuscript prepared for a lecture at the BLUG (see http://www.blug.linux.no/) meeting of January 27th, 2005. Along the way it has spawned several conference tutorials as well as The Book of PF (http://nostarch.com/pf2.htm) (second edition, No Starch Press November 2010), which expands on all topics mentioned in this document presents several topics that are only hinted at here.
    [Show full text]
  • Linux Loadable Kernel Module HOWTO
    Linux Loadable Kernel Module HOWTO Bryan Henderson 2006−09−24 Revision History Revision v1.09 2006−09−24 Revised by: bjh Fix typos. Revision v1.08 2006−03−03 Revised by: bjh Add copyright information. Revision v1.07 2005−07−20 Revised by: bjh Add some 2.6 info and disclaimers. Update references to Linux Device Drivers book, Linux Kernel Module Programming Guide. Revision v1.06 2005−01−12 Revised by: bjh Cover Linux 2.6 briefly. Update hello.c and reference to Lkmpg. Add information about perils of unloading. Mention dmesg as way to see kernel messages. Revision v1.05 2004−01−05 Revised by: bjh Add information on module.h and −DMODULE. Fix tldb.org to tldp.org. Add information on kallsyms. Revision v1.04 2003−10−10 Revised by: bjh Fix typo: AHA154x should be AHA152x Add information on what module names the kernel module loader calls for. Add information on what an LKM does when you first load it. Add information on loop module. Change linuxdoc.org to tldp.org. Revision v1.03 2003−07−03 Revised by: bjh Update on kernels that don't load into vmalloc space. Add explanation of "deleted" state of an LKM. Explain GPLONLY. Revision v1.02 2002−05−21 Revised by: bjh Correct explanation of symbol versioning. Correct author of Linux Device Drivers. Add info about memory allocation penalty of LKM vs bound−in. Add LKM−to−LKM symbol matching requirement. Add open source licensing issue in LKM symbol resolution. Add SMP symbol versioning info. Revision v1.01 2001−08−18 Revised by: bjh Add material on various features created in the last few years: kernel module loader, ksymoops symbols, kernel−version−dependent LKM file location.
    [Show full text]