> On Mar 5, 2016, at 9:00 AM, Robert Chalmers <rob...@chalmers.com.au> wrote:
> 
> Jim, yes.
> I went for the line of least resistance, a plist file to enable pf at boot 
> time.
> The system has a pfctl.plist that loads pf.conf, but there is no automatic 
> way to then enable pf - which seems very odd.
> 
> So you have pfctl -f /etc/pf.conf loaded at boot-time, but the packet filter, 
> pf, isn’t also enabled. So I rolled my own to enable it.
> 
> Turning on the Firewall, which I have on by default on mine, makes no 
> difference to the state of pf. Which is disabled by default.
> 
> anyway, it’s running now, and I’ll try a reboot later to see if it ‘enables’ 
> - I may have to time it so it enables after the pfctl loads the conf.
> 
> cheers

Robert, I find IceFloor to be a helpful frontend for pf. 
<http://www.hanynet.com/icefloor/index.html>

-Terry

Terry Barnum
digital OutPost
Carlsbad, CA

http://www.dop.com
800/464-6434


Reply via email to