Date: Wed, 29 Dec 2004 01:34:07 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: dave <dmehler26@woh.rr.com> Cc: freebsd-questions@freebsd.org Subject: Re: loading firewall rules dynamically at higher security levels Message-ID: <20041228233406.GB749@gothmog.gr> In-Reply-To: <001901c4ed0a$0d832190$0400a8c0@satellite> References: <20041222223050.A67744@logik.ath.cx> <44is6ssbcf.fsf@be-well.ilk.org> <001901c4ed0a$0d832190$0400a8c0@satellite>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2004-12-28 13:21, dave <dmehler26@woh.rr.com> wrote: > Hello, > I was wondering is it possible to load ipf or pf via rc.conf with a > system in a securelevel of 1 or greater? Trying this thus far has been > unsuccessful, reading the man page suggests this is not possible but if > anyone has a workaround i'd appreciate it. Hmmm, as far as I can tell, all firewalls are loaded before the securelevel is bumped: % gothmog:/root# rcorder /etc/rc.d/* | egrep -e 'pf|securelevel' % /etc/rc.d/ipfilter % /etc/rc.d/ipfs % /etc/rc.d/ipfw % /etc/rc.d/pflog % /etc/rc.d/pf % /etc/rc.d/securelevel % gothmog:/root# How are you setting the system securelevel and how do firewall rules fail to load?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041228233406.GB749>