I intent to load pf firewall on rpi and not stay locked out of the node. The only comminication is via ssh. My plan is to try out rules and, for every safety, reboot the node to state without pf. Like this:
# modload pf
# pfctl -f /etc/pf.conf; shutdown -r +10
If I make permanent move to "pf=YES" and make a
mistake, I would have to install from the scratch.
Does my plan sound sane?
Best regards
Zoran
