On October 7, 2014 11:01:45 AM EDT, Zoran Kolic <zko...@sbb.rs> wrote: >> Why are you trying to change the security >> level to -1? If you want to load a kernel module, you need simply to >do >> so before the system is running at securelevel 1 during the boot >process. > >Exactelly! >I was wondering if it was possible to just load the module >and pfctl/npfctl latter. With help on port-arm, there might >be a solution, adding a file in /etc/rc.d and enabling it in >/etc/rc.conf with "modload=YES". It might look like this: ... >I'm pretty much puzzled if wrong rc.d file could block boot >process and brick the node. All this for a reason pf is old >version, of which I do not recall proper syntax, compared to >current. Never used npf and feel reluctant to load configuration >on remote node, without safe net. First npfctl with addition >to reboot without firewall. >Best regards
If you want to keep the securelevel at 0 so you can load modules by hand after the boot finishes, add securelevel=0 to /etc/rc.conf Eric
