From 516864a153cff4cc9355e36a10d1ab66d1636b49 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Fri, 21 Sep 2001 05:51:13 +0000 Subject: [PATCH] start pflogd in a different place; do not block NFS in diskless situations; danh & cedric@wireless-networks.com --- src/etc/rc | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/src/etc/rc b/src/etc/rc index 818a2fc1..0a10818d 100644 --- a/src/etc/rc +++ b/src/etc/rc @@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.183 2001/09/19 16:27:47 todd Exp $ +# $OpenBSD: rc,v 1.184 2001/09/21 05:51:13 deraadt Exp $ # System startup script run by init on autoboot # or after single-user. @@ -117,7 +117,15 @@ echo 'setting tty flags' ttyflags -a if [ "X$pf" != X"NO" ]; then - echo "block in all\nblock out all" | pfctl -R - -e + RULES="block in all\nblock out all" + case `sysctl vfs.mounts.nfs` in + *[1-9]*) + # don't kill NFS + RULES="$RULES\npass in proto udp from any port { 111, 2049 } to any" + RULES="$RULES\npass out proto udp from any to any port { 111, 2049 }" + ;; + esac + echo $RULES | pfctl -R - -e fi if [ -f /etc/sysctl.conf ]; then @@ -147,11 +155,6 @@ fi mount /usr >/dev/null 2>&1 mount /var >/dev/null 2>&1 -if [ "X$pf" != X"NO" ]; then - ifconfig pflog0 up - pflogd ${pflogd_flags} -fi - # if there's no /var/db/host.random, make one through /dev/urandom if [ ! -f /var/db/host.random ]; then dd if=/dev/urandom of=/var/db/host.random bs=1024 count=64 \ @@ -186,6 +189,11 @@ if [ "X${named_flags}" != X"NO" -a "X${named_chroot}" != "X" ]; then fi syslogd ${syslogd_flags} +if [ "X$pf" != X"NO" ]; then + ifconfig pflog0 up + pflogd ${pflogd_flags} +fi + # $named_flags, $named_user, and $named_chroot are imported from /etc/rc.conf; # if $named_flags != NO, named is run. if [ "X${named_flags}" != X"NO" ]; then
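Review bot: In the `@@ -117,7 +117,15 @@` hunk, the added `pass in proto udp from any port { 111, 2049 } to any` rule matches only on the source port, which the remote sender chooses, so while this boot-time ruleset is active any inbound UDP packet with source port 111 or 2049 is passed to any local port. That opens the default-deny window further than NFS needs. If pfctl at this revision accepts it, prefer state tracking on the outbound rule and drop the stateless inbound line: `RULES="$RULES\npass out proto udp from any to any port { 111, 2049 } keep state"`; otherwise narrow the inbound rule wherever the server address is known. Separately, `echo $RULES` should be `echo "$RULES"` so the rule text reaches pfctl without word splitting.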
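Review bot: In the `@@ -186,6 +189,11 @@` hunk, the relocated pflogd block has no comment saying why it now sits directly after `syslogd ${syslogd_flags}`, so a later reorder of rc could move it back without anyone noticing the dependency. A one-line comment above the `if`, such as `# pflogd is started after syslogd (see rc rev 1.184); keep this order`, would record that. pf is enabled much earlier by the `pfctl -R - -e` line, so nothing is captured on pflog0 between that point and here. That looks acceptable only because the boot rules carry no `log` keyword, which is worth stating in the same comment.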