CVSROOT: /cvs Module name: src Changes by: clau...@cvs.openbsd.org 2014/01/19 02:39:04
Modified files:
etc : rc
Log message:
Extend the initial pf ruleset to explicitly allow dhcp / bootp and dhcpv6.
Our dhclient only uses the bpf tap for broadcast packets (which bypass
pf) but lease renewals will use a regular socket and are blocked without
this change. Rules are written so that accidential forwarding of packets
is not possible.
Diff from brad@, OK henning@, benno@, mikeb@
