[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-pf
Subject:    Re: Is a 'PF default to block' setting outside pf.conf a desirable
From:       peter () bgnett ! no (Peter N !  M !  Hansteen)
Date:       2005-11-15 8:20:22
Message-ID: 86acg6fhkp.fsf () amidala ! datadok ! no
[Download RAW message or body]

Daniel Hartmeier <daniel@benzedrine.cx> writes:

> Believe it or not, we now survived more than four years without that
> feature, and noone ever complained (much less called it a 'fatal flaw'),
> so you'll have to excuse me for, well, *yawn*.

OpenBSD does not have a problem as far as I can see.  The problem seems
to be that the /FreeBSD/ PF port for some reason did not bring over the
pre network interface rc bits from OpenBSD. I haven't checked the others
(NetBSD, DragonFlyBSD), so I'm not sure what the status is there.

Anyway the 'window of opportunity' would be ahem, rather small. 

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
[prev in list] [next in list] [prev in thread] [next in thread]