Thanks Jan, Thanks Zeloff. I think I will try combining both suggested approaches.
24 Nov 2025, 21:54 by [email protected]: > On Nov 24 20:06:59, [email protected] wrote: > >> I have a simple pf firewall, and to "rebuild" it (in case of disaster) I >> think I can probably just backup some selected files. >> >> List below. Is this a sound approach in principle? And/or have I missed any >> obvious files/locations? >> > > It would imho be much simple to tar czf backup.tgz /etc > Not to mention you should have proper backups (as in dump, not dd) > of / (where /etc lives) and /var (where /var/backups lives). > > There is nothing to be gained by curating a subset: > you will save kilobytes, for the price of eventualy > forgetting something you wanted. > > Jan > > > > >> (thanks!) >> >> /etc/ntpd.conf ntp configuration >> /etc/rc.conf services to start >> /etc/rc.conf.local autostart unbound and dhcpd at boot >> /etc/login.conf.d/unbound unbound file descriptor limit increase >> /etc/dhcpleased.conf stop the dns supplied in dhcp from >> writing to resolve.conf - WAN/ISP NIC >> /etc/doas.conf doas config >> /etc/myname system name >> /etc/sysctl.conf enabled ipv4 packet forwarding >> /etc/hostname.* network interface configs >> /etc/dhcpd.conf dhcp server config >> /etc/pf.conf pf firewall config >> /var/unbound/etc/unbound.conf unbound dns server config >> /etc/resolv.conf point dns at self >>
