Re: Any ongoing effort to port /etc/rc.d/pf_boot,
On Mon, Jul 17, 2006 at 08:22:53AM +1200, Andrew Thompson wrote:
> But.. pf runs before any userland daemons are loaded so how does it
> matter if there is a short window between netif and pf if nothing is
> listening?
That is one use case for PF, where you are protecting the local system.
What if you are running PF on a multi-homed host? Is
net.inet.ip.forwarding only ever set to 1 by /etc/rc.d/routing, or
can that be set by something else before it gets that far?
Gary
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 3 之 16 篇):