diff options
author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2002-05-23 19:38:19 +0000 |
---|---|---|
committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2002-05-23 19:38:19 +0000 |
commit | 6b9841c34eae4893727692e406c8d959db8d0df3 (patch) | |
tree | 4f8862d6cb6a8ce2d2af402ef5b55117cfffa1fd | |
parent | f9af44845483e4aa0ad9f50a4b683b306722d93e (diff) |
Allow incoming ssh connections in the initial temporary rule set that's
active before /etc/pf.conf is loaded, just in case loading fails (and
leaves the inital set active). ok deraadt@
-rw-r--r-- | etc/rc | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.193 2002/02/25 03:30:46 deraadt Exp $ +# $OpenBSD: rc,v 1.194 2002/05/23 19:38:18 dhartmei Exp $ # System startup script run by init on autoboot # or after single-user. @@ -125,6 +125,7 @@ if [ "X${pf}" != X"NO" ]; then # don't kill NFS RULES="$RULES\npass in proto udp from any port { 111, 2049 } to any" RULES="$RULES\npass out proto udp from any to any port { 111, 2049 }" + RULES="$RULES\npass in proto tcp from any to any port 22 keep state" ;; esac echo $RULES | pfctl -R - -e |