On 2006/10/13 14:36, fv wrote: > > I want to add some code to pfctl which > >would add all important rules to pf. In such way, if that rules > >wouldn't be in pf.conf they would BE in pf. > > > I think it's a very bad idea. The best you can do i think is to write > a pfctl wrapper script in order to load your mandatory rules and rename > it to pfctl.
Surely it's better to place mandatory rules on another box?
