[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is a 'PF default to block' setting outside pf.conf a desirablefeature?




On Mon, 14 Nov 2005, mike scott wrote:


I accept that this may not be an issue for some; for my own part,
although I would /very/ much like to use the extra flexibility pf
offers compared with the alternatives, nevertheless, I view this
startup issue as a fundamental and fatal flaw. I shall certainly keep
an eye on pf development, but for the present will continue to use ipf.

Why is setting a "block all" before any interfaces are configured up not sufficient?