Re: dis/advantages of compiling in-kernel over kldload
- Reply: void : "Re: dis/advantages of compiling in-kernel over kldload"
- In reply to: void : "Re: dis/advantages of compiling in-kernel over kldload"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 12 Jul 2023 19:51:47 UTC
On 12/07/2023 21:03, void wrote: [..] > What I'd like to acheive is the following: > > If pf fails to load its ruleset, allow ssh from only this safe IP range > and block everything else. Take a look in to /etc/defaults/rc.conf or man rc.conf for some examples of pf_fallback variables. You can define simple rule or special file to load when your main ruleset (pf.conf) failed to load at boot time. Enable fallback pf_fallback_rules_enable="YES" and then use one of these pf_fallback_rules="block drop log all" pf_fallback_rules_file="/etc/pf-fallback.conf" Kind regards Miroslav Lachman