loading firewall rules dynamically at higher security levels

Giorgos Keramidas keramida at ceid.upatras.gr
Tue Dec 28 15:34:14 PST 2004


On 2004-12-28 13:21, dave <dmehler26 at woh.rr.com> wrote:
> Hello,
>     I was wondering is it possible to load ipf or pf via rc.conf with a
> system in a securelevel of 1 or greater? Trying this thus far has been
> unsuccessful, reading the man page suggests this is not possible but if
> anyone has a workaround I'd appreciate it.

Hmmm, as far as I can tell, all firewalls are loaded before the
securelevel is bumped:

% gothmog:/root# rcorder /etc/rc.d/* | egrep -e 'pf|securelevel'
% /etc/rc.d/ipfilter
% /etc/rc.d/ipfs
% /etc/rc.d/ipfw
% /etc/rc.d/pflog
% /etc/rc.d/pf
% /etc/rc.d/securelevel
% gothmog:/root#

How are you setting the system securelevel and how do firewall rules
fail to load?
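
An added example, not part of the original message: a shell check that reads an `rcorder` listing and reports any firewall script ordered after `securelevel`. The function name `check_fw_before_securelevel` is hypothetical, and the firewall script names are the ones shown in the output above.

```sh
#!/bin/sh
# Reads an rcorder listing (one script path per line) on stdin.
# Prints every firewall script that would run AFTER securelevel.
# Returns 0 if all firewall scripts precede securelevel,
#         1 if at least one is ordered after it,
#         2 if securelevel does not appear in the listing at all.
check_fw_before_securelevel() {
    awk '
        BEGIN {
            # Firewall-related rc.d scripts, as listed in the message above.
            n = split("ipfilter ipfs ipfw pflog pf", fw, " ")
            for (i = 1; i <= n; i++) isfw[fw[i]] = 1
        }
        {
            name = $0
            sub(/.*\//, "", name)            # strip the directory part
            if (name == "securelevel") { seen = 1; next }
            if (seen && (name in isfw)) { print $0; late = 1 }
        }
        END {
            if (!seen) exit 2
            exit (late ? 1 : 0)
        }
    '
}

# Ordering copied from the rcorder output quoted in the message.
SAMPLE_ORDER='/etc/rc.d/ipfilter
/etc/rc.d/ipfs
/etc/rc.d/ipfw
/etc/rc.d/pflog
/etc/rc.d/pf
/etc/rc.d/securelevel'

if printf '%s\n' "$SAMPLE_ORDER" | check_fw_before_securelevel; then
    echo "all firewall scripts run before securelevel"
fi

# On a live FreeBSD system the same check would be fed from rcorder:
#   rcorder /etc/rc.d/* 2>/dev/null | check_fw_before_securelevel
```

A non-zero return means a rule load would be attempted after the securelevel is raised, which is where the kernel starts refusing firewall rule changes.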


