Re: pf and rpi

To: Zoran Kolic <zkolic%sbb.rs@localhost>,Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: pf and rpi
From: Eric Haszlakiewicz <erh%nimenees.com@localhost>
Date: Tue, 07 Oct 2014 12:35:54 -0400

On October 7, 2014 11:01:45 AM EDT, Zoran Kolic <zkolic%sbb.rs@localhost> wrote:
>> Why are you trying to change the security
>> level to -1?  If you want to load a kernel module, you need simply to
>do
>> so before the system is running at securelevel 1 during the boot
>process.
>
>Exactelly!
>I was wondering if it was possible to just load the module
>and pfctl/npfctl latter. With help on port-arm, there might
>be a solution, adding a file in /etc/rc.d and enabling it in
>/etc/rc.conf with "modload=YES". It might look like this:
...
>I'm pretty much puzzled if wrong rc.d file could block boot
>process and brick the node. All this for a reason pf is old
>version, of which I do not recall proper syntax, compared to
>current. Never used npf and feel reluctant to load configuration
>on remote node, without safe net. First npfctl with addition
>to reboot without firewall.
>Best regards

If you want to keep the securelevel at 0 so you can load modules by hand after the boot finishes, add securelevel=0 to /etc/rc.conf

Eric

Follow-Ups:
- Re: pf and rpi
  - From: Zoran Kolic

References:
- pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: uhel
- Re: pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: Christian Koch
- Re: pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: Rhialto
- Re: pf and rpi
  - From: Zoran Kolic
- Re: pf and rpi
  - From: Thor Lancelot Simon
- Re: pf and rpi
  - From: Zoran Kolic

Prev by Date: Re: pf and rpi
Next by Date: A Spooky MeetBSD California 2014 (Fwd)
Previous by Thread: Re: pf and rpi
Next by Thread: Re: pf and rpi
Indexes:

Home | Main Index | Thread Index | Old Index