soup4you2
September 2nd, 2003, 19:05
Will anybody care to explain why FreeBSD's PF will not work when kernel securelevel is enabled?

seems kinda ridiculous

bsdjunkie
September 2nd, 2003, 21:14
What secure level are you using?

At lev 1:
no load/unload kern modules with kldload.
cant write to sys memory via /dev/mem or kmem devices
can not format devices
cant start Xwin.

At Lev2:
all of lev1 and the following
cannot write directly to either mounted or unmounted filesystems
can not alter system time by more than 1 sec at time.

At Lev3:
Prevents changes to IPFW or IPFilter rules.

soup4you2
September 2nd, 2003, 21:16
arr... i took that into account..

i'm loading the pf in rc.conf

then at the end of the rc.conf i load kern.securelevel 1

and *poof* no networking

soup4you2
September 9th, 2003, 17:19
Think i got it straightend out... hehe user error...

/me too ashamed to admit his fault