PF.BOOT.CONF(5)           NetBSD File Formats Manual           PF.BOOT.CONF(5)


NAME
pf.boot.conf -- initial configuration for packet filter
DESCRIPTION
The pf.boot.conf file is used as initial configuration for the pf(4) packet filter. This file is loaded before the network is configured by the rc.d(8) script network. Its purpose is to protect the machine from possible attacks between the network configuration and the loading of the final ruleset. The syntax of this file is described in pf.conf(5). Note that at the stage the configuration is loaded, the network inter- face(s) do not have an IP address yet, so you cannot use rules that derive addresses from an interface (for example: ``pass out from any to fxp0'').
FILES
/etc/defaults/pf.boot.conf Default initial ruleset file. /etc/pf.boot.conf Override of the default initial ruleset file.
EXAMPLES
When using NFS (e.g. diskless situations), you'll also need the following rules in addition to the default rules to unblock NFS: scrub in all no-df pass in proto udp from any port { 111, 2049 } to any pass out proto udp from any to any port { 111, 2049 }
SEE ALSO
pf(4), pf.conf(5), pfctl(8) NetBSD 5.0_RC4 August 17, 2005 NetBSD 5.0_RC4

You can also request any man page by name and (optionally) by section:

Command: 
Section: 
Architecture: 
Collection: 
 

Use the DEFAULT collection to view manual pages for third-party software.


Powered by man-cgi 1.15, Panagiotis Christias
Modified for NetBSD by Kimmo Suominen