Date: Mon, 9 Feb 2015 18:30:06 +0100 From: Polytropon <freebsd@edvax.de> To: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> Cc: freebsd-questions <freebsd-questions@freebsd.org>, Chris Stankevitz <chrisstankevitz@gmail.com> Subject: Re: /etc/pf.conf missing Message-ID: <20150209183006.c3902b51.freebsd@edvax.de> In-Reply-To: <44h9uvvwkd.fsf@lowell-desk.lan> References: <CAPi0pss6Sd7VWcDSR6JgSnJjOXVuxBLteL12dqM8KD=kpnBsAg@mail.gmail.com> <44h9uvvwkd.fsf@lowell-desk.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 09 Feb 2015 12:12:02 -0500, Lowell Gilbert wrote:
> Chris Stankevitz <chrisstankevitz@gmail.com> writes:
>
> > Q: Should I be alarmed?
> >
> > Handbook section 30.3.1 says "The default ruleset is already created
> > and is named /etc/pf.conf" but that file does not exist on my hard
> > drive.
>
> The Handbook (or at least the obvious interpretation of what it says;
> the awkward phrasing may mean that it was mis-edited at some point) is
> incorrect.
>
> I'm not sure that a one-size-fits-all default ruleset (of the sort that
> exists for ipfw) is practical for pf.
There is an example file at /usr/share/examples/pf/pf.conf
as well as in "man 5 pf.conf", which reads in section FILES:
/etc/pf.conf Default location of the ruleset file.
This leaves the _possible_ interpretation that the file is
supplied with the OS, but the _reasonable_ interpratation is
that the file should be located like this per default _when_
it is present (and to be present, supplied by the administrator).
So it doesn't look that this file is already created, unlike,
for comparison, /etc/ps.os.
--
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150209183006.c3902b51.freebsd>