Wrong order in rc.d (pf and ipv6)
Doug Barton
dougb at FreeBSD.org
Sat Aug 25 22:12:54 PDT 2007
On Thu, 23 Aug 2007, Henri Hennebert wrote:
> Hello,
>
> I notice that after a reboot, my pf rules don't take the ipv6 address
> (managed with ipv6_ifconfig_rl0="2001:...:1") into account.
>
> rcorder /etc/rc.d/* show that pf is started before network_ipv6, is it
> normal?
The consensus was that all firewalls should be started before all
interfaces. That way a system will come up protected with no window of
vulnerability.
That said, I'm glad someone was able to help you fix your stuff. :)
Doug
--
This .signature sanitized for your protection
More information about the freebsd-net
mailing list