derive IP address(es) from the interface (e.g "... from any to fxp0").
This however, creates window for possible attacks from the network.
Implement the solution proposed by YAMAMOTO Takashi:
Add /etc/defaults/pf.boot.conf and load it with the /etc/rc.d/pf_boot
script before starting the network. People who don't like the default
rules can override it with their own /etc/pf.boot.conf.
The default rules have been obtained from OpenBSD.
No objections on: tech-security
appeared and whether it's really part of pf or not is still unclear. Looking
at the other *BSDs it seems that they have left out spamd when importing pf,
and now we do that too. Also, the name conflicted with another more popular
used tool, after the rename to pfspamd it was left with completely unusable
documentation which apparently no-one wanted to fix.
A port of the latest spamd will be imported into pkgsrc soon.
Suggested by several people, no objections on last proposal on tech-userlevel.
* End user modifiable configuration has moved from
/usr/X11R6/lib/X11/<someprog>
to
/etc/X11/<someprog>
This is consistent with our own policies as well as other projects.
The files & directories that were moved have _NOT_ been marked
`obsolete', as they contain user configuration and therefore we
don't want the automatic "obsolete file removal" mechanism to
remove them.
* The /etc/font/* and /etc/X11/* configuration files are installed
with 'configinstall' (not 'install'), using CONFIGFILES and
CONFIGSYMLINKS.
This is so that a normal 'make build' in src/x11 will not
trash your configuration.
* A 'distribution' target has been added to src/x11 to perform
'make configinstall' in the appropriate subdirectories.
(Should we consider making 'configinstall' a first-class target?)
* The xdm pixmaps have have been moved to /usr/X11R6/include/X11/pixmaps
where the other pixmaps are.
(I don't consider these pictures end-user configuration).
IMPORTANT NOTE:
* These changes require an up to date xsrc, and 'make cleandir' should
be performed in src/x11 before a build for the changes to fully take
effect.
target) instead of using home-grown 'distribution' targets or using
FILES with the 'install' target.
Add some etc/ subdir Makefiles where appropriate.
XXX: some of etc/Makefile install-etc-files could be converted to CONFIGFILES.
(All paths are relative to usr/X11R6)
* Obsolete:
bin/fontconfig-config
* Add directories:
lib/X11/locale/zh_CN.UTF-8
lib/X11/xkb/geometry/ibm
* Rename include/freetype2/ft2build.h to include/ft2build.h and obsolete former
* Add files:
fonttosfnt(1) program & man page
include/expat.h
lib/X11/app-defaults/XClock-color
lib/X11/fonts/TTF/Vera*.ttf
some font encodings
zn_CN.UTF-8 locale
some font encodings
various xkb config files
lib/X11/xedit/lisp/progmodes/patch.lsp
Xfontcache(3) and various links
XDGA(3) and various links
XRes(3) and various links
Xss(3) and various XScreenSaver*(3) links
* Add some more TODO items
* Clean up lib/expat build now that the version is hard coded.
tsarna