[Bug 256410] pf: Add pf_default_rules option

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 06 Jun 2021 09:09:46 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256410

--- Comment #7 from Thomas Steen Rasmussen / Tykling <thomas@gibfest.dk> ---
(In reply to Chris Hutchinson from comment #4)
Don't feel bad :)

Your point about having a backup/safe/default pf.conf is certainly valid. That
would not have helped here though, as there is no mechanism (without this
patch) to load that alternative ruleset if the primary one fails.

It would have to be done manually, which would require that you know when this
happens - and if you know about a typo you would probably just fix it :)

The code to automatically load an alternate ruleset from a file would look a
lot like the code in my proposed patch. I opted for using an rc variable over a
file to avoid having an extra file in the tree which will very rarely be used.

Ideally the patch could be adapted to support loading from a file if one
exists, and otherwise falling back to the rc variable.

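The fallback order suggested in comment #7 (primary ruleset, then a fallback file if one exists, then the rc variable), as an added sh sketch that is not the patch attached to this bug. The `pf_fallback_file` variable and its path, the value given to `pf_default_rules`, and the `pf_load_with_fallback` function are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the bug's patch.
# PFCTL is overridable so the selection logic can be exercised without pf.
PFCTL="${PFCTL:-/sbin/pfctl}"
pf_rules="${pf_rules:-/etc/pf.conf}"                          # primary ruleset
pf_fallback_file="${pf_fallback_file:-/etc/pf.conf.default}"  # hypothetical name and path
# Constructed sample value: fail closed, but keep SSH reachable for repair.
pf_default_rules="${pf_default_rules:-block drop log all
pass in proto tcp to port 22}"

# Parse-check a ruleset file with -n (no load), and load it only if it parses.
pf_try_file() {
    [ -r "$1" ] || return 1
    "$PFCTL" -n -f "$1" >/dev/null 2>&1 || return 1
    "$PFCTL" -f "$1"
}

# Sets pf_loaded to primary, file, variable or none, so the caller can log
# which ruleset is actually in force.
pf_load_with_fallback() {
    if pf_try_file "$pf_rules"; then
        pf_loaded="primary"
        return 0
    fi
    echo "pf: $pf_rules failed to load, trying fallbacks" >&2
    if pf_try_file "$pf_fallback_file"; then
        pf_loaded="file"
        return 0
    fi
    # No usable fallback file: feed the rc variable to pfctl on stdin.
    if printf '%s\n' "$pf_default_rules" | "$PFCTL" -f -; then
        pf_loaded="variable"
        return 0
    fi
    pf_loaded="none"
    return 1
}
```

Whichever branch wins, the message on stderr and the value of `pf_loaded` are what let an operator notice that the primary ruleset has a typo, which is the detection gap the comment describes.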