FreeBSD

Donate to FreeBSD

Home

About

Get FreeBSD
- Release Information
- Release Engineering

Documentation

Community

Developers

Support

Foundation
- Monetary Donations
- Hardware Donations

Packet Filter (PF) Question(s)

Thread starter markfisher
Start date Jul 3, 2013

M

markfisher

Jul 3, 2013

#1

Hi

I have some questions about Packet Filter (PF):

I moved pf.conf and pf.os files from /etc to /etc/firewall. In my Packet Filter configuration file, pf.conf, I have
Code:
```
set fingerprints "/etc/firewall/pf.os"
```
and in my rc.conf, I have
Code:
```
...
pf_rules="/etc/firewall/pf.conf"
...
```
Now every time I reboot the system, I get the message:
Code:
```
pfctl: /etc/pf.os: No such file or directory.
```
I went through the man page for pfctl to find the option to specify the new location for pf.os but no luck (I might have missed something). How can I tell pfctl the new location of that file?

I might be wrong, but what I understand that Packet Filter anchor rules are dynamic (Am I right?). So the FTP proxy (ftp-proxy) should not work if I have (in rc.conf)
Code:
```
...
kern_securelevel="3" # Disable run-time tweaking of firewall configuration
...
```
Am I right?

Thanks
Mark

K

krzysiekb81

Jul 13, 2013

#2

Hi

The pf.os location is defined in /usr/src/contrib/pf/pfctl/pfctl_parser.h:

Code:

#define PF_OSFP_FILE             "/etc/pf.os"

You must log in or register to reply here.

Share:

Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Top