From owner-freebsd-pf@FreeBSD.ORG Fri Nov 16 17:53:09 2007 Return-Path: Delivered-To: freebsd-pf@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EBB4216A473; Fri, 16 Nov 2007 17:53:09 +0000 (UTC) (envelope-from kmacy@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B6C9113C442; Fri, 16 Nov 2007 17:53:09 +0000 (UTC) (envelope-from kmacy@FreeBSD.org) Received: from freefall.freebsd.org (kmacy@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.1/8.14.1) with ESMTP id lAGHr9nf025084; Fri, 16 Nov 2007 17:53:09 GMT (envelope-from kmacy@freefall.freebsd.org) Received: (from kmacy@localhost) by freefall.freebsd.org (8.14.1/8.14.1/Submit) id lAGHr9OA025080; Fri, 16 Nov 2007 17:53:09 GMT (envelope-from kmacy) Date: Fri, 16 Nov 2007 17:53:09 GMT Message-Id: <200711161753.lAGHr9OA025080@freefall.freebsd.org> To: james@jlauser.net, kmacy@FreeBSD.org, freebsd-pf@FreeBSD.org From: kmacy@FreeBSD.org Cc: Subject: Re: kern/116645: pfctl -k does not work in securelevel 3 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Nov 2007 17:53:10 -0000 Synopsis: pfctl -k does not work in securelevel 3 State-Changed-From-To: open->closed State-Changed-By: kmacy State-Changed-When: Fri Nov 16 17:52:23 UTC 2007 State-Changed-Why: >From the securelevel man page: 3 Network secure mode - same as highly secure mode, plus IP packet filter rules (see ipfw(8), ipfirewall(4) and pfctl(8)) cannot be changed and dummynet(4) or pf(4) configuration cannot be adjusted. You are seeing the defined behavior. http://www.freebsd.org/cgi/query-pr.cgi?pr=116645