[pf4freebsd] Re: rc.conf example entry
Max Laier
max at love2party.net
Wed Sep 15 20:49:11 PDT 2004
> Quoting Brandon Weisz <brandon at mail.avioc.org>:
>
> > pf_enable="YES"
> > pf_logd="YES"
> > pf_conf="/usr/local/etc/pf.conf"
>
>
> Note that if you install the latest non-port version (1.63 currently),
using
> /etc/rc.conf to set the parameters won't work (at least I don't believe
so).
>
> Is there some undocumented way to do this, Max?
The script I did for the port is available there:
http://www.freebsd.org/cgi/cvsweb.cgi/~checkout~/ports/security/pf/files/pf.sh.sample?rev=1.1&content-type=text/plain
In order to use it with a default tarball install (make && make install) you
have to adjust some pathes and tests. But it's a good starting point to
build a proper rc.d script for pf. It's on my TODO but with a low priority.
> BTW, I'd recommend installing the non-port version to get all the latest
> (OpenBSD -current) PF goodies. You'll also be helping Max/Pyun out with
testing
> said new features. The port version is just too outdated for my tastes...
I agree, but I have to remind you that the port brings all the features
present in OpenBSD 3.3. So it is what they refer to as -Stable!
However, as OpenBSD 3.4 is scheduled 11-01-03 , the tarball version (which
is in sync with OpenBSD-Current) is allready stable-ish and won't see much
new features before OpenBSD 3.4.
Regards,
Max
More information about the freebsd-pf
mailing list