Date: Thu, 16 Sep 2004 03:49:11 -0000 From: "Max Laier" <max@love2party.net> To: <pf4freebsd@freelists.org> Subject: [pf4freebsd] Re: rc.conf example entry Message-ID: <00ea01c36e5e$f05db4c0$01000001@max900> References: <4247.192.168.1.1.1062165483.squirrel@mail.palcomtech.com> <1062166571.15775.39.camel@quark.avioc.org> <1062178396.3f4f8e5ccf356@mail.fluidhosting.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Quoting Brandon Weisz <brandon@mail.avioc.org>: > > > pf_enable="YES" > > pf_logd="YES" > > pf_conf="/usr/local/etc/pf.conf" > > > Note that if you install the latest non-port version (1.63 currently), using > /etc/rc.conf to set the parameters won't work (at least I don't believe so). > > Is there some undocumented way to do this, Max? The script I did for the port is available there: http://www.freebsd.org/cgi/cvsweb.cgi/~checkout~/ports/security/pf/files/pf.sh.sample?rev=1.1&content-type=text/plain In order to use it with a default tarball install (make && make install) you have to adjust some pathes and tests. But it's a good starting point to build a proper rc.d script for pf. It's on my TODO but with a low priority. > BTW, I'd recommend installing the non-port version to get all the latest > (OpenBSD -current) PF goodies. You'll also be helping Max/Pyun out with testing > said new features. The port version is just too outdated for my tastes... I agree, but I have to remind you that the port brings all the features present in OpenBSD 3.3. So it is what they refer to as -Stable! However, as OpenBSD 3.4 is scheduled 11-01-03 , the tarball version (which is in sync with OpenBSD-Current) is allready stable-ish and won't see much new features before OpenBSD 3.4. Regards, Max
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00ea01c36e5e$f05db4c0$01000001>