Patch for adding "options PF_DEFAULT_TO_DROP" to kernel
configuration file
Gleb Smirnoff
glebius at FreeBSD.org
Fri Sep 14 13:27:28 UTC 2012
On Thu, Sep 13, 2012 at 11:26:48PM +0200, Olivier Cochard-Labb? wrote:
O> Hi,
O> here is a little patch (tested on FreeBSD 9.1-RC1) that add a new
O> option to the kernel configuration file:
O> options PF_DEFAULT_TO_DROP
O>
O> Without this option, with an empty pf.conf: All traffic are permit.
O> With this option enabled, with an empty pf.conf: All traffic are
O> dropped by default.
O>
O> If the attached file is removed, you can found the patch here:
O> http://www.freebsd.org/cgi/query-pr.cgi?pr=171622
I'd appreciate if you re-submit your patch with:
- update to the fresh head/, where pf has been moved to netpfil/pf
- mentioning new option in pf(4)
--
Totus tuus, Glebius.
More information about the freebsd-pf
mailing list