cvs commit: src/etc/rc.d pf
Yar Tikhiy
yar at FreeBSD.org
Sun Oct 2 12:12:42 PDT 2005
yar 2005-10-02 19:12:42 UTC
FreeBSD src repository
Modified files:
etc/rc.d pf
Log:
Record dependency on the newly introduced pfsync.
Start before routing for better system protection.
(pf used to start late during system boot, after
many a network daemon have started already, which
sucked from security POV.)
Remark: For maximum security, pf should start before
netif, but it would create a dependency loop because
pfsync has to start after netif, yet before pf.
Discussed with: mlaier on -pf
MFC after: 5 days
Revision Changes Path
1.9 +2 -2 src/etc/rc.d/pf
More information about the cvs-src
mailing list