| PF.BOOT.CONF(5) | File Formats Manual | PF.BOOT.CONF(5) | 
pf.boot.conf —
pf.boot.conf file is used as initial configuration
  for the pf(4) packet filter. This
  file is loaded before the network is configured by the
  rc.d(8) script
  network. Its purpose is to protect the machine from possible
  attacks between the network configuration and the loading of the final
  ruleset.
The syntax of this file is described in pf.conf(5).
Note that at the stage the configuration is loaded, the network interface(s) do not have an IP address yet, so you cannot use rules that derive addresses from an interface (for example: “pass out from any to fxp0”).
scrub in all no-df
pass in proto udp from any port { 111, 2049 } to any
pass out proto udp from any to any port { 111, 2049 }
| August 17, 2005 | NetBSD 10.0 |