On 2009-06-30 17:07, Dag-Erling Smørgrav wrote:
> One option would be to start pf with a pre-cooked rule set that allows
> only DHCP and nd6 / rtsol or similar, then load the user-provided rule
> set once all interfaces are up.
Please see also the suggestion here:
http://docs.freebsd.org/cgi/mid.c
Robert Watson writes:
> This sounds right to me, FWIW -- being able to fully configure the
> policy before network traffic starts is definitely right in the
> abstract, it's just a question of getting there...
One option would be to start pf with a pre-cooked rule set that allows
only DHCP and nd
On Fri, 26 Jun 2009, Doug Barton wrote:
Reverse the effect of r193198 for pf and ipfw which will once again
allow them to start after netif. There were too many problems reported
with this change in the short period of time that it lived in HEAD, and
we are too late in the release cycle to
Author: dougb
Date: Fri Jun 26 01:04:50 2009
New Revision: 195026
URL: http://svn.freebsd.org/changeset/base/195026
Log:
Reverse the effect of r193198 for pf and ipfw which will once again
allow them to start after netif. There were too many problems reported
with this change in the short pe
