To build a kernel for use with the loadable kernel module, follow these
steps:
	1. do "make netbsd"

	2. do "make install-bsd"
	   (probably has to be done as root)

	3(a) NetBSD systems prior to 1.2:
		run "NetBSD/minstall" as root
	3(b) NetBSD 1.2 systems or later:
		run "NetBSD-1.2/minstall" as root

	4. build a new kernel

	5. install and reboot with the new kernel

	6. use modload(8) to load the packet filter with:
		modload if_ipl.o

	7. do "modstat" to confirm that it has been loaded successfully.

There is no need to use mknod to create the device in /dev;
- upon loading the module, it will create itself with the correct values,
  under the name (IPL_NAME) from the Makefile.  It will also remove itself
  from /dev when it is modunload'd.

To build a kernel with the IP filter, follow these steps:

	1. do "make netbsd"

	2. do "make install-bsd"
	   (probably has to be done as root)

	3(a) NetBSD systems prior to 1.2:
		run "NetBSD/kinstall" as root
	3(b) NetBSD 1.2 systems or later:
		run "NetBSD-1.2/kinstall" as root
	3(c) If conf.c fails on the 2nd hunk of the patch, you will have to
	     manually apply the patch.

	4. build a new kernel

	5. Create device files.  For NetBSD-1.2 (or later), use 49 as the
	   major number. For NetBSD-1.1 or earlier, use 59.  Run these
	   commands as root, substituting <major> for the appropriate number:

		mknod /dev/ipl c <major> 0
		mknod /dev/ipnat c <major> 1
		mknod /dev/ipstate c <major> 2
		mknod /dev/ipauth c <major> 3

	   ** NOTE: both the numbers 49 and 59 should be substituted with
		    whatever number you inserted it into conf.c as.

	6. install and reboot with the new kernel

Darren Reed
darrenr@pobox.com