Displaying 1 result from an estimated 1 matches for "pf_default_block".
2006 Jul 14
1
Any ongoing effort to port /etc/rc.d/pf_boot, /etc/pf.boot.conf from NetBSD ?
...t-time protection (ie. /etc/rc.d/pf_boot and
>> related config files) from NetBSD to FreeBSD ?
>>
>> This would close small (but as far as I understand existing)
>> window during boot where firewall is fully open (if using only
>> pf).
>
> I'd prefer to have PF_DEFAULT_BLOCK analogous to IPFILTER_DEFAULT_BLOCK
> instead of some magic script closing the hole between driver init and
> configuration. Always wondered how the OpenBSD -securety minded- people
> have come up with a packet filter that's open by default.
There has been discussion about this befor...