Date: Sat, 25 Aug 2007 21:46:11 -0700 (PDT) From: Doug Barton <dougb@FreeBSD.org> To: Henri Hennebert <hlh@restart.be> Cc: freebsd-net@freebsd.org Subject: Re: Wrong order in rc.d (pf and ipv6) Message-ID: <alpine.BSF.0.999.0708252144530.37977@qbhto.arg> In-Reply-To: <46CD8CD3.9090109@restart.be> References: <46CD8CD3.9090109@restart.be>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 23 Aug 2007, Henri Hennebert wrote:
> Hello,
>
> I notice that after a reboot, my pf rules don't take the ipv6 address
> (managed with ipv6_ifconfig_rl0="2001:...:1") into account.
>
> rcorder /etc/rc.d/* show that pf is started before network_ipv6, is it
> normal?
The consensus was that all firewalls should be started before all
interfaces. That way a system will come up protected with no window of
vulnerability.
That said, I'm glad someone was able to help you fix your stuff. :)
Doug
--
This .signature sanitized for your protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.0.999.0708252144530.37977>