upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-04-03 16:35:27 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/share
History
Thomas Steen Rasmussen 28f47a199c pf: fallback if $pf_rules fails to load 
Support loading a default pf ruleset in case of invalid pf.conf.

If no pf rules are loaded pf will pass/allow all traffic, assuming the
kernel is compiled without PF_DEFAULT_TO_DROP, as is the case in
GENERIC.

In other words: if there's a typo in the main pf_rules we would allow
all traffic. The new default rules minimise the impact of this.

If $pf_program (i.e. pfctl) fails to set $pf_fules and
$pf_fallback_rules_enable is YES we will load $pf_fallback_rules_file if
set, or $pf_fallback_rules.

$pf_fallback_rules can include multiple rules, for example to permit
traffic on a management interface.

$pf_fallback_rules_enable defaults to "NO", preserving historic behaviour.

man page changes by ceri@.

PR:		256410
Reviewed by:	donner, kp
Sponsored by:	semaphor.dk
Differential Revision:	https://reviews.freebsd.org/D30791
2021-07-08 14:22:04 +02:00
..
colldef Add collation version support to querylocale(3). 2020-11-08 02:50:34 +00:00
ctypedef Fix CTYPE for ja_JP.eucJP and ja_JP.SJIS. 2020-06-29 03:23:13 +00:00
dict Sync with NetBSD's /usr/share/dict/words, with the exception of quim 2017-12-16 20:25:50 +00:00
doc pkgbase: Install atf and kyua in the tests package 2021-01-04 16:20:47 +01:00
dtrace pkgbase: Put dtrace in its own package 2021-06-19 17:49:31 +02:00
examples Catch up with Clang 12. 2021-06-14 18:42:59 -04:00
i18n share: normalize paths using SRCTOP-relative paths or :H when possible 2017-03-04 11:26:40 +00:00
keys pkgbase: Add the pkg trusted keys to the FreeBSD-utilities package 2019-09-05 19:17:17 +00:00
man pf: fallback if $pf_rules fails to load 2021-07-08 14:22:04 +02:00
misc share/misc: Update FreeBSD.org URLs 2021-07-04 22:04:33 +08:00
mk Simplify and speed up the kyua build 2021-07-02 09:21:05 +01:00
monetdef Add ga_IE.UTF-8 locale. 2018-11-26 19:39:49 +00:00
msgdef Add ga_IE.UTF-8 locale. 2018-11-26 19:39:49 +00:00
numericdef Add ga_IE.UTF-8 locale. 2018-11-26 19:39:49 +00:00
security
sendmail share: normalize paths using SRCTOP-relative paths or :H when possible 2017-03-04 11:26:40 +00:00
skel Make sh(1) support \u in PS1. This removes one fork/exec on interactive 2019-01-24 11:59:46 +00:00
snmp pkgbase: Put the mibs and defs in the bnsmp package 2021-06-19 17:50:03 +02:00
syscons syscons: scrnmaps: appease -Wmissing-variable-declarations 2021-01-01 11:53:47 -06:00
tabset
termcap termcap: add an entry for the foot terminal 2021-02-21 06:06:47 +01:00
tests
timedef Finsh readding Big5 in r317204, which was reverting r315568. This commit 2019-06-20 07:17:16 +00:00
vt vt/fonts: fix typo 2020-12-02 09:42:02 +00:00
zoneinfo pkgbase: Put zoneinfo file in their own package 2021-01-04 16:18:36 +01:00
Makefile Revert "terminfo: add terminfo database" 2021-03-18 10:57:23 +01:00
Makefile.inc