Any ongoing effort to port /etc/rc.d/pf_boot,
/etc/pf.boot.conf from NetBSD ?
Paul Schenkeveld
fb-pf at psconsult.nl
Fri Jul 14 16:49:49 UTC 2006
Hello,
On Fri, Jul 14, 2006 at 01:26:38PM +0300, Ari Suutari wrote:
> Hi,
>
> Does anyone know if there are any plans to bring
> pf boot-time protection (ie. /etc/rc.d/pf_boot and
> related config files) from NetBSD to FreeBSD ?
>
> This would close small (but as far as I understand existing)
> window during boot where firewall is fully open (if using only
> pf).
I'd prefer to have PF_DEFAULT_BLOCK analogous to IPFILTER_DEFAULT_BLOCK
instead of some magic script closing the hole between driver init and
configuration. Always wondered how the OpenBSD -securety minded- people
have come up with a packet filter that's open by default.
Or am I missing the point here?
Regards,
Paul Schenkeveld
More information about the freebsd-pf
mailing list