Re: pf and rpi

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: pf and rpi
From: Zoran Kolic <zkolic%sbb.rs@localhost>
Date: Tue, 7 Oct 2014 17:01:45 +0200

> Why are you trying to change the security
> level to -1?  If you want to load a kernel module, you need simply to do
> so before the system is running at securelevel 1 during the boot process.

Exactelly!
I was wondering if it was possible to just load the module
and pfctl/npfctl latter. With help on port-arm, there might
be a solution, adding a file in /etc/rc.d and enabling it in
/etc/rc.conf with "modload=YES". It might look like this:

#!/bin/sh
#

# PROVIDE: modload
# BEFORE: securelevel

name=modload
rcvar=$name
command="/sbin/modload pf"

load_rc_config $name
run_rc_command "$1"

I'm pretty much puzzled if wrong rc.d file could block boot
process and brick the node. All this for a reason pf is old
version, of which I do not recall proper syntax, compared to
current. Never used npf and feel reluctant to load configuration
on remote node, without safe net. First npfctl with addition
to reboot without firewall.
Best regards

                            Zoran

Follow-Ups:
- Re: pf and rpi
  - From: Eric Haszlakiewicz

References:
- pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: uhel
- Re: pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: Christian Koch
- Re: pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: Rhialto
- Re: pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: Thor Lancelot Simon

Prev by Date: Re: pf and rpi
Next by Date: Re: pf and rpi
Previous by Thread: Re: pf and rpi
Next by Thread: Re: pf and rpi
Indexes:

Home | Main Index | Thread Index | Old Index