Date: Wed, 14 Feb 2007 07:47:50 -0500 From: "Dan Langille" <dan@langille.org> To: "Kian Mohageri" <kian.mohageri@gmail.com> Cc: freebsd-rc@freebsd.org, freebsd-pf@freebsd.org Subject: Re: pf starts, but no rules Message-ID: <45D2BEA7.12150.2D35AEAB@dan.langille.org> In-Reply-To: <fee88ee40702132137q6abef8beu80c7813fcd27eaad@mail.gmail.com> References: <45CDED58.2056.1A642A00@dan.langille.org>, <200702132226.40415.max@love2party.net>, <fee88ee40702132137q6abef8beu80c7813fcd27eaad@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 13 Feb 2007 at 21:37, Kian Mohageri wrote: > On 2/13/07, Max Laier <max@love2party.net> wrote: > > > > Does anyone have time to get something like this going for FreeBSD as > > well? > > > > I tested out some solutions. I'm not sure if this is what you guys were > looking to do, but NetBSD's solution seems fine. I'm not thrilled about > using another rc-script to solve this issue, but I couldn't think of a > simpler/more elegant solution. > > Diff is against CURRENT, and I don't currently have any boxes running > CURRENT, but I tested it as much as I could. I'll get a box up to CURRENT > later to test other patches. > > I couldn't decide what to pass in this initial ruleset. Passing SSH seems > safe/smart, but surely not everyone will agree. So long as the initial ruleset can be specified in the config, I see no problem. For example: pf_rules_initial="/etc/pf_intial.rules -- Dan Langille : Software Developer looking for work my resume: http://www.freebsddiary.org/dan_langille.php PGCon - The PostgreSQL Conference - http://www.pgcon.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D2BEA7.12150.2D35AEAB>