| History log of /src/usr.sbin/pf/etc |
| Revision | Date | Author | Comments |
| 1.3 | 20-Jun-2008 |
peter | Install /etc/pf.os with 444 permissions.
Modify postinstall(8) to always upgrade /etc/pf.os.
Suggested by Luke Mewburn in PR/35188.
|
| 1.2 | 27-Jun-2005 |
peter | branches: 1.2.20;
Remove (pf)spamd. Its right to exist in NetBSD has been questioned since it
appeared and whether it's really part of pf or not is still unclear. Looking
at the other *BSDs it seems that they have left out spamd when importing pf,
and now we do that too. Also, the name conflicted with another more popular
used tool, after the rename to pfspamd it was left with completely unusable
documentation which apparently no-one wanted to fix.
A port of the latest spamd will be imported into pkgsrc soon.
Suggested by several people, no objections on last proposal on tech-userlevel.
|
| 1.1 | 14-Nov-2004 |
yamt | branches: 1.1.2;
merge after importing pf from openbsd 3.6. (userland part)
some files were imported to the different places from the previous version.
v3_5:
etc/pf.conf
etc/pf.os
etc/spamd.conf
share/man/man4/pf.4
share/man/man4/pflog.4
share/man/man5/pf.conf.5
share/man/man5/pf.os.5
share/man/man5/spamd.conf.5
v3_6:
dist/pf/etc/pf.conf
dist/pf/etc/pf.os
dist/pf/etc/spamd.conf
dist/pf/share/man/man4/pf.4
dist/pf/share/man/man4/pflog.4
dist/pf/share/man/man5/pf.conf.5
dist/pf/share/man/man5/pf.os.5
dist/pf/share/man/man5/spamd.conf.5
|
| 1.1.2.1 | 02-Jul-2005 |
tron | Pull up revision 1.2 (requested by peter in ticket #518):
Remove (pf)spamd. Its right to exist in NetBSD has been questioned since it
appeared and whether it's really part of pf or not is still unclear. Looking
at the other *BSDs it seems that they have left out spamd when importing pf,
and now we do that too. Also, the name conflicted with another more popular
used tool, after the rename to pfspamd it was left with completely unusable
documentation which apparently no-one wanted to fix.
A port of the latest spamd will be imported into pkgsrc soon.
Suggested by several people, no objections on last proposal on tech-userlevel.
|
| 1.2.20.1 | 23-Jun-2008 |
wrstuden | Sync w/ -current. 34 merge conflicts to follow.
|
| 1.1 | 23-Aug-2005 |
peter | branches: 1.1.2;
pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.
Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.
No objections on: tech-security
|
| 1.1.2.2 | 02-Sep-2005 |
tron | Pull up following revision(s) (requested by peter in ticket #717):
usr.sbin/pf/man/man5/pf.boot.conf.5: revision 1.1
usr.sbin/postinstall/postinstall: revision 1.4
etc/rc.d/pf: revision 1.6
etc/rc.d/pf_boot: revision 1.1
usr.sbin/pf/etc/defaults/pf.boot.conf: revision 1.1
usr.sbin/pf/Makefile: revision 1.7
etc/rc.d/Makefile: revision 1.52
etc/mtree/special: revision 1.89
usr.sbin/pf/man/man5/Makefile: revision 1.5
usr.sbin/pf/etc/defaults/Makefile: revision 1.1
pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.
Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.
No objections on: tech-security
|
| 1.1.2.1 | 23-Aug-2005 |
tron | file Makefile was added on branch netbsd-3 on 2005-09-02 12:29:37 +0000
|
| 1.5 | 17-Feb-2019 |
gutteridge | pf.boot.conf: remove lingering references to dhclient(8), and while
here, capitalize acronyms. Addresses part of PR misc/53669.
|
| 1.4 | 26-May-2017 |
hauke | branches: 1.4.10;
Enable carp packets early during boot, to avoid gratuitous failovers.
Okayed by christos@
|
| 1.3 | 02-Sep-2007 |
tron | Use "ipv6-icmp" instead of "icmp6" to allow loading these rules again.
Patch supplied by Daniel Horecki in PR bin/36874.
|
| 1.2 | 10-Jan-2006 |
reed | branches: 1.2.10;
Fix mispelling in a comment.
|
| 1.1 | 23-Aug-2005 |
peter | branches: 1.1.2;
pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.
Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.
No objections on: tech-security
|
| 1.1.2.2 | 02-Sep-2005 |
tron | Pull up following revision(s) (requested by peter in ticket #717):
usr.sbin/pf/man/man5/pf.boot.conf.5: revision 1.1
usr.sbin/postinstall/postinstall: revision 1.4
etc/rc.d/pf: revision 1.6
etc/rc.d/pf_boot: revision 1.1
usr.sbin/pf/etc/defaults/pf.boot.conf: revision 1.1
usr.sbin/pf/Makefile: revision 1.7
etc/rc.d/Makefile: revision 1.52
etc/mtree/special: revision 1.89
usr.sbin/pf/man/man5/Makefile: revision 1.5
usr.sbin/pf/etc/defaults/Makefile: revision 1.1
pf needs to be started after the network is up, because some pf rules
derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.
Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.
No objections on: tech-security
|
| 1.1.2.1 | 23-Aug-2005 |
tron | file pf.boot.conf was added on branch netbsd-3 on 2005-09-02 12:29:37 +0000
|
| 1.2.10.1 | 06-Nov-2007 |
matt | sync with HEAD
|
| 1.4.10.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
