Hi,

Andrew Thompson wrote:

        On FreeBSD 6.1, run rcorder /etc/rc.d/*. You'll notice that
        pf is run after netif so if one is using only pf as firewall,
        there is a window between run of "netif" and "pf" where network
        interfaces are up but there is no firewall loaded. Adding
        pf_boot, which runs before "netif" would fix this, wouldn't it?

But.. pf runs before any userland daemons are loaded so how does it
matter if there is a short window between netif and pf if nothing is
listening?

        I wasn't thinking about firewall itself, but the network it
        protects. But now I notice that routing is run *after* pf
        so things should be ok ?

        Sorry to be such a pain but I have tried asking about this
        many times but got no good answers (and I got even more worried
        when I noticed that NetBSD had special boot-time ruleset).

        I guess this is case closed then!

                Ari S.
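
The start-order question discussed in this thread can be checked mechanically. The following is an added example, not part of the original messages: a shell function that reads `rcorder /etc/rc.d/*` output and reports where `pf` starts relative to `netif` and `routing`. The function names, result strings and sample input are constructed for illustration.

```sh
#!/bin/sh
# Classify the rc.d start order of pf relative to netif and routing.
# Input on stdin: one script path per line, in start order, as printed by
#   rcorder /etc/rc.d/*
# Output (result strings are this example's own, not FreeBSD's):
#   boot-ruleset-before-netif  a pf_boot script starts before netif
#   pf-before-netif            pf itself starts before interfaces come up
#   pf-before-routing          netif -> pf -> routing (the order in the thread)
#   pf-after-routing           pf starts only after routing
#   unknown                    netif or pf not present in the input
check_pf_order() {
    awk '
        {
            # Keep only the script name, e.g. /etc/rc.d/pf -> pf
            n = split($0, parts, "/")
            name = parts[n]
            if (!(name in pos)) pos[name] = NR
        }
        END {
            if (!("netif" in pos)) { print "unknown"; exit }
            if (("pf_boot" in pos) && pos["pf_boot"] < pos["netif"]) {
                print "boot-ruleset-before-netif"; exit
            }
            if (!("pf" in pos)) { print "unknown"; exit }
            if (pos["pf"] < pos["netif"]) { print "pf-before-netif"; exit }
            if (("routing" in pos) && pos["pf"] < pos["routing"]) {
                print "pf-before-routing"; exit
            }
            print "pf-after-routing"
        }'
}

# Constructed sample input reflecting the order described in the thread
# (netif, then pf, then routing); not captured from a real system.
sample_61_order() {
    cat <<'EOF'
/etc/rc.d/netif
/etc/rc.d/pf
/etc/rc.d/routing
/etc/rc.d/sshd
EOF
}

sample_61_order | check_pf_order
```

On a live system, pipe the real order in with `rcorder /etc/rc.d/* | check_pf_order`.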


_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security