Re: Any ongoing effort to port /etc/rc.d/pf_boot,

看板FB_security作者時間19年前 (2006/07/17 14:05), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串11/16 (看更多)
In some mail from Daniel Hartmeier, sie said: .... > I'm not sure the average user _really_ is worried enough about that > half a second period on boot. But I DO know there will be people locking > themselves out from far-away remote hosts (on updates, for instance) if > this becomes the default. For me this has always been the over riding reason to have IPFilter always default (as shipped) to default allow. There are just too many things that can go wrong that can lead to no access to a system. That said, I believe NetBSD (and FreeBSD?) have this: options IPFILTER_DEFAULT_BLOCK You might want to do something similar for pf to make this easier for those who (think they) now what they're doing. Darren _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 avalon. 的文章
文章代碼(AID): #14koYI00 (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 11 之 16 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共16篇)
更多 avalon. 的文章
文章代碼(AID): #14koYI00 (FB_security)