diff -ruN bro/scripts/bro_config.in bro-work/scripts/bro_config.in
--- bro/scripts/bro_config.in	2008-04-16 17:01:52.000000000 +0800
+++ bro-work/scripts/bro_config.in	2008-04-16 17:01:37.000000000 +0800
@@ -115,6 +115,8 @@
                 4*) BRO_SYS_TYPE="FREEBSD4";;
                 5*) BRO_SYS_TYPE="FREEBSD5";;
                 6*) BRO_SYS_TYPE="FREEBSD6";;
+                7*) BRO_SYS_TYPE="FREEBSD7";;
+                8*) BRO_SYS_TYPE="FREEBSD8";;
             esac;;
         *) BRO_SYS_TYPE="UNKNOWN";;
     esac
@@ -706,8 +708,8 @@
         return 
     fi
 
-    # FreeBSD 6 uses differnt var names
-    if [ "x$BRO_SYS_TYPE" = 'xFREEBSD6' ]; then
+    # FreeBSD 6 and later use differnt var names
+    if [ "x$BRO_SYS_TYPE" = 'xFREEBSD6' -o "x$BRO_SYS_TYPE" = 'xFREEBSD7' -o "x$BRO_SYS_TYPE" = 'xFREEBSD8' ]; then
         MAXBUF='net.bpf.maxbufsize'
         BUFSZ='net.bpf.bufsize'
     else
@@ -824,18 +826,18 @@
 bro_config_freebsd_devfs()
 {
     # see if we've mucked with it before *dang* octothorp!
-    if [ -e /etc/rc.local ] ; then 
-        foo=`grep "BRO BPF PERMISSIONS CHANGES" /etc/rc.local |sed s/#//g`
+    if [ -e /etc/devfs.rules ] ; then 
+        foo=`grep "BRO BPF PERMISSIONS CHANGES" /etc/devfs.rules |sed s/#//g`
         if ! [ -z "$foo" ]; then
-            echo "Looks like /etc/rc.local has already been setup"
-            echo "Not changing /etc/rc.local"
+            echo "Looks like /etc/devfs.rules has already been setup"
+            echo "Not changing /etc/devfs.rules"
             return 
         fi
         # see if they already have a policy
         bar=`grep "bpf" /etc/devfs.conf|sed s/#//g`
         if ! [ -z "$bar" ]; then
             echo "/etc/devfs.conf has policy for bpf devices already!"
-            echo "Not adding one to /etc/rc.local"
+            echo "Not adding one to /etc/devfs.rules"
             return 
         fi
 
@@ -844,23 +846,29 @@
     brogroup=`grep ^$BRO_USER_ID /etc/group | awk -F: '{print $3}'`
     if [ -z $brogroup ] ; then
         echo "Can't find group for $BRO_USER_ID"
-        echo "Not changing /etc/rc.local"
+        echo "Not changing /etc/devfs.rules"
         return 
     fi
 
     # always make a backup
-    cp /etc/rc.local /etc/rc.local.$$.bak > /dev/null 2>&1 
+    cp /etc/devfs.rules /etc/devfs.rules.$$.bak > /dev/null 2>&1 
 
     # do it 
-cat - >> /etc/rc.local << BAZ
+cat - >> /etc/devfs.rules << BAZ
 
 # BRO BPF PERMISSIONS CHANGES
-devfs ruleset 15
-devfs rule add 15 path 'bpf*' mode 660 user $brogroup
+[brorules=15]
+add path 'bpf*' mode 660 user $brogroup
 
 BAZ
 
-    echo "Added devfs line to /etc/rc.local"
+    echo "Added devfs line to /etc/devfs.rules"
+
+    # enable a brorules ruleset
+    echo 'devfs_system_ruleset="brorules"' >> /etc/rc.conf
+
+    # restart devfs
+    /etc/rc.d/devfs restart
 }
 ######################################################################
 # Give a name for the user id to install everything under
@@ -987,7 +995,7 @@
         # configure the bpfs to be group readable
         bro_config_chown_bpf
     fi
-    if [ "x$BRO_SYS_TYPE" = 'xFREEBSD5' -o "x$BRO_SYS_TYPE" = 'xFREEBSD6' ]; then
+    if [ "x$BRO_SYS_TYPE" = 'xFREEBSD5' -o "x$BRO_SYS_TYPE" = 'xFREEBSD6' -o "x$BRO_SYS_TYPE" = 'xFREEBSD7' -o "x$BRO_SYS_TYPE" = 'xFREEBSD8' ]; then
         bro_config_freebsd_devfs
     fi
     # if perl doesn't exist, don't bother...