have I misunderstood some config seperation? e.g. pf.conf

[Deleted member 65380]

I'll use pf.conf as an example as it's very common.

I put my pf.conf in /usr/local/etc/pf.conf (works fine, specified in rc.conf)

But I wonder if I my mental model of where config belongs is maybe not quite correct.

I tried to make it so all the configs I was customizing were in /usr/local/etc... except rc.conf and syslog.conf as they were pretty sticky.

Is it more proper to have pf.conf in /etc/ because it is part of the base install and then external packages config files under /usr/local/... ?

 

[SirDice]

I put my pf.conf in /usr/local/etc/pf.conf

Wrong place, it's /etc/pf.conf.

I tried to make it so all the configs I was customizing were in /usr/local/etc... except rc.conf and syslog.conf as they were pretty sticky.

Those are specifically set up so they're usable there. See rc.conf(5) and the bottom of /etc/syslog.conf:

include                                         /etc/syslog.d
include                                         /usr/local/etc/syslog.d

Is it more proper to have pf.conf in /etc/ because it is part of the base install

Yes.

 

[Deleted member 65380]

!-devd
!-unbound   #THIS LINE IS ADDITIONAL
*.=debug                                        /var/log/debug.log

I have to modify /etc/syslog.conf anyway and do already utilize the "include" locations you've pointed out, it ends up being a bit of a mix.

Everything I have set up works fine.

 

[Deleted member 65380]

Wrong place, it's /etc/pf.conf.

pf_rules="/usr/local/etc/pf.conf" I don't understand how it can be wrong if it's allowed to be specified. Improper or unconventional, sure.

 

[SirDice]

Sure, but the default is set to /etc/pf.conf. No reason to change that.

pf_rules="/etc/pf.conf"         # rules definition file for pf (nonexistent
                                # by default)