diff options
| author |   dhartmei <dhartmei@openbsd.org> | 2005-06-14 22:49:06 +0000 |
|---|---|---|
| committer | dhartmei <dhartmei@openbsd.org> | 2005-06-14 22:49:06 +0000 |
| commit | 4616f5d94c754cf1d68d78f220576502dd1faffa (patch) | |
| tree | 88a69ab55ee4332596f9f43ac181edd971767d03 | |
| parent | back out SMM lockdown patch until some other solution is found. (diff) | |
| download | wireguard-openbsd-4616f5d94c754cf1d68d78f220576502dd1faffa.tar.xz wireguard-openbsd-4616f5d94c754cf1d68d78f220576502dd1faffa.zip | |
split the dummy ruleset pfctl -f - -e into separate -f - and -e.
relevant when the dummy ruleset can't be loaded, we still want to enable
pf, otherwise the real ruleset (even if that does load correctly) won't
be active. might happen on a non-GENERIC kernel or after an update (before
/etc is manually updated). reported by Jim Rees. ok frantzen@
| -rw-r--r-- | etc/rc | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.268 2005/06/02 20:09:38 tholo Exp $ +# $OpenBSD: rc,v 1.269 2005/06/14 22:49:06 dhartmei Exp $ # System startup script run by init on autoboot # or after single-user. @@ -234,7 +234,8 @@ if [ X"${pf}" != X"NO" ]; then RULES="$RULES\npass out proto udp from any to any port { 111, 2049 }" ;; esac - echo $RULES | pfctl -f - -e + echo $RULES | pfctl -f - + pfctl -e fi sysctl_conf |