View Full Version : pf differences start
December 6th, 2010, 21:47
What is difference if enable pf from rc.conf or compile in kernel? Can i get the same security in both cases?
December 7th, 2010, 00:58
If you enable it in /etc/rc.conf, pf will be loaded as a kernel loadable module (like doing kldload pf). This isn't necessary when it's compiled into the kernel. The only possible advantage I see is that an attacker who manages to escalate to root privileges could manually unload the module. This is, of course, a moot point if you think about it for a second.
December 7th, 2010, 08:39
The only difference would be ALTQ. That's disabled when using modules.
December 7th, 2010, 12:13
It's disabled in GENERIC but you can compile your own kernel with pf as modules and with ALTQ support.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.