Phil Regnauld wrote: > pf is good in this way that it _forces_ one to update pf.conf THEN > call pfctl. In practice one can also do this (modify the ipfw file > THEN call /etc/rc.d/rc.firewall or sh /etc/rc.firewall on 4.x). > Phil, and this is only something to be done on console if the kernel security level has been raised >1. Regards,