#	$NetBSD: pf.boot.conf,v 1.1 2005/08/23 12:12:56 peter Exp $
#
# /etc/defaults/pf.boot.conf --
#	initial configuration for pf(4)
#
# see pf.boot.conf(5) for more information.
#
# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.
# EDIT /etc/pf.boot.conf INSTEAD.
#

# Default deny.
block all

# Don't block loopback.
pass on lo0

# Allow outgoing dns, needed by pfctl to resolve names.
pass out proto { tcp, udp } from any to any port 53 keep state

# Allow outgoing ping requests, might be needed by dhclient to validate
# old (but valid) leases in /var/db/dhclient.leases in case it needs to
# fall back to such a lease (the dhcp server can be down or not responding).
pass out inet proto icmp all icmp-type echoreq keep state

# Allow IPv6 router/neighbor solicitation and advertisement.
pass out inet6 proto icmp6 all icmp6-type neighbrsol
pass in inet6 proto icmp6 all icmp6-type neighbradv
pass out inet6 proto icmp6 all icmp6-type routersol
pass in inet6 proto icmp6 all icmp6-type routeradv