[CVS Update of freesbie2 - M:0 A:2 R:0]

Dario Freni saturnero at freesbie.org
Sat Jun 3 20:24:54 CEST 2006


Matteo Riondato wrote:
> On Sat, Jun 03, 2006 at 01:56:47PM +0200, saturnero at freesbie.org wrote:
>> Log Message:
>> -----------
>> Add pf plugin, which creates a basic pf.conf in a dynamic fashion, detecting
>> present ethernet devices and allowing only outside connections and incoming
>> SSH connections.
> 
> I really like the idea and it's great to see our plugins base growing,
> but I don't like the implementation.
> This plugin requires etcmfs but I don't think it should, as it's
> really simple.
> I think it can be rewritten without the dependency on etcmfs, just
> using sh, pfctl, kldstat and kldload if needed and so on.
> Comments? Am I missing something really obvious?

Well, only a writable etc it's required, so etcmfs or unionfs are ok
with it. Also xconfig plugin need it. It is not that problem.

Due to its general purpose nature, I think this implementation can be
considered fine and functional. The only thing that needs to be changed,
imho, is removing pf_enable="YES" row and using forcestart to start pf.

-- 
Dario Freni (saturnero at freesbie.org)
FreeSBIE project is looking for a new builder machine!
Check http://www.freesbie.org/donations.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 186 bytes
Desc: OpenPGP digital signature
Url : http://mailman.gufi.org/pipermail/freesbie/attachments/20060603/d409f4b8/signature.bin


More information about the FreeSBIE mailing list