| History log of /src/etc/rc.d/npf_boot |
| Revision | | Date | Author | Comments |
| 1.6 |
| 30-Nov-2021 |
sborrill | Revert previous. Explicitly load the value of npf or pf
|
| 1.5 |
| 26-Nov-2021 |
sborrill | Load rc configuration based on rcvar, not name, so that correct settings
in /etc/rc.conf.d are loaded.
Usually this does not matter as rcvar and name are set to the same value.
For pf_boot and npf_boot, rcvar is set to pf and npf respectively.
Prior to the change, if:
rc.conf contains nfp=YES
rc.conf.d/npf does not exist
Then:
/etc/rc.d/npf_boot rcvar
outputs:
# npf_boot
$npf=YES
If:
rc.conf contains npf=NO (or is not set)
rc.conf.d/npf contains npf=YES
Then:
/etc/rc.d/npf_boot rcvar
outputs:
# npf_boot
$npf=NO
This means that in the latter case, at boot time the npfctl start command
is never run and the firewall is not operational.
|
| 1.4 |
| 08-Sep-2020 |
martin | Rename MOUNTCRITLOCAL to CRITLOCALMOUNTED to avoid a name collision
on case insensitive file systems
|
| 1.3 |
| 22-Jul-2020 |
martin | Split the local disk availability step into two phases to allow scripts
that pre-populate parts of the system (e.g. a tmpfs based /var) an
easy place to plug in like:
# REQUIRE: mountcritlocal
# BEFORE: MOUNTCRITLOCAL
This also cleans up the existing special handling a bit by separating it
into new scripts. All later scripts now depend on MOUNTCRITLOCAL.
Discussed on tech-userlevel some time ago.
|
| 1.2 |
| 05-Oct-2019 |
sevan | No need to empose the script to be runnable during boot time, it prevents the
script from wroking if the system is booted into single user mode & then
moved onto multi-user mode.
Reported by <pgoyette> for NPF but the issue is there in PF too.
|
| 1.1 |
| 02-Apr-2019 |
sevan | branches: 1.1.2; 1.1.4;
Add an initial ruleset and rc script for NPF to protect host during early stage
of boot, similar to what is currently available for PF.
|
| 1.1.4.3 |
| 26-Nov-2021 |
martin | Backout previous pullup from ticket #1377:
etc/rc.d/npf_boot: revision 1.5
etc/rc.d/pf_boot: revision 1.8
|
| 1.1.4.2 |
| 26-Nov-2021 |
martin | Pull up following revision(s) (requested by sborrill in ticket #1377):
etc/rc.d/npf_boot: revision 1.5
etc/rc.d/pf_boot: revision 1.8
Load rc configuration based on rcvar, not name, so that correct settings
in /etc/rc.conf.d are loaded.
Usually this does not matter as rcvar and name are set to the same value.
For pf_boot and npf_boot, rcvar is set to pf and npf respectively.
Prior to the change, if:
rc.conf contains nfp=YES
rc.conf.d/npf does not exist
Then:
/etc/rc.d/npf_boot rcvar
outputs:
$npf=YES
If:
rc.conf contains npf=NO (or is not set)
rc.conf.d/npf contains npf=YES
Then:
/etc/rc.d/npf_boot rcvar
outputs:
$npf=NO
This means that in the latter case, at boot time the npfctl start command
is never run and the firewall is not operational.
|
| 1.1.4.1 |
| 06-Oct-2019 |
martin | Pull up following revision(s) (requested by sevan in ticket #288):
etc/rc.d/npf_boot: revision 1.2
etc/rc.d/pf_boot: revision 1.5
No need to empose the script to be runnable during boot time, it
prevents the
script from wroking if the system is booted into single user mode & then
moved onto multi-user mode.
Reported by <pgoyette> for NPF but the issue is there in PF too.
|
| 1.1.2.3 |
| 13-Apr-2020 |
martin | Mostly merge changes from HEAD upto 20200411
|
| 1.1.2.2 |
| 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.2.1 |
| 02-Apr-2019 |
christos | file npf_boot was added on branch phil-wifi on 2019-06-10 21:42:45 +0000
|
