# systemd + kernel warnings "Proceeding WITHOUT firewalling"

## rsa4046

For those running systemd and receiving these dire kernel messages about firewalling (dmesg output)

```
[  +0.226780] systemd-hiberna (146) used greatest stack depth: 13040 bytes left

[  +0.084105] systemd-debug-g (141) used greatest stack depth: 12416 bytes left

[  +0.614150] gentoo-local-ge (139) used greatest stack depth: 12304 bytes left

[  +0.270604] systemd[1]: File /lib/systemd/system/systemd-journald.service:33 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling.

[  +0.000005] systemd[1]: Proceeding WITHOUT firewalling in effect!

[  +0.042849] systemd[1]: File /lib/systemd/system/systemd-udevd.service:32 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling.

[  +0.000005] systemd[1]: Proceeding WITHOUT firewalling in effect!

[  +0.186172] systemd[1]: File /lib/systemd/system/systemd-logind.service:34 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling.

[  +0.000006] systemd[1]: Proceeding WITHOUT firewalling in effect!

[  +0.160931] systemd[1]: clamd.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.

[  +0.596198] BTRFS info (device sdb4): disk space caching is enabled

[  +0.002417] mount (151) used greatest stack depth: 12256 bytes left

[  +0.184587] systemd-journald[156]: Received request to flush runtime journal from PID 1
```

the answer seems to be to enable

```
 CONFIG_BPF_SYSCALL=y 
```

in your kernel. Thread here.

Edited fixed typos

----------

## dalu

nope that's not it, must be something else.

not sure which kernel version it requires at least

created a gentoo bug

https://bugs.gentoo.org/638860

----------

