Hi,
Vlad GALU wrote:
On 7/14/06, Ari Suutari <[EMAIL PROTECTED]> wrote:
Hi,
Does anyone know if there are any plans to bring
pf boot-time protection (ie. /etc/rc.d/pf_boot and
related config files) from NetBSD to FreeBSD ?
This would close small (but as far as I understand existing)
window during boot where firewall is fully open (if using only
pf).
See the mac_ifoff(4) manpage. You can disable your interfaces until
the system is fully booted.
How well would this work ? I think that idea of pf_boot
is to disable incoming traffic, but allow certain outgoing
traffic like dns. If dns doesn't work during startup (don't
really know about mac_ifoff yet) it will cause problems, for
example sendmail startup might hang for a while.
Ari S.
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
