]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 887d2a0) | patch
[pf] /etc/rc.d/pf should REQUIRE routing
authorkaktus <kaktus@FreeBSD.org>
Thu, 8 Oct 2020 11:45:10 +0000 (11:45 +0000)
committerkaktus <kaktus@FreeBSD.org>
Thu, 8 Oct 2020 11:45:10 +0000 (11:45 +0000)
commit4dea0beaf202e539b44a4a1dcc1ed56eafe0dd35
tree4ad8437775bb23e624e1dac2f4398e01271dccf8tree | snapshot
parent887d2a0ea282e7c0791656b8d1400d24645d6055commit | diff
[pf] /etc/rc.d/pf should REQUIRE routing

When a system with pf_enable="YES" in /etc/rc.conf uses hostnames in
/etc/pf.conf, these hostnames cannot be resolved via external nameservers
because the default route is not yet set. This results in an empty
(all open) ruleset.

Since r195026 already put netif back to REQUIRE, this change does not affect
the issue that the firewall should rather have been setup before any
network traffic can occur.

PR: 211928
Submitted by: Robert Schulze
Reported by: Robert Schulze
Tested by: Mateusz Kwiatkowski
No objections from: kp
MFC after: 3 days
libexec/rc/rc.d/pf diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.