From the official doc: "select when the command/script will run; choices are Pre Init (very early in boot process before filesystems are mounted)"
So, if pre-init script runs before filesystems are mounted, then where should I place it?!
I'm trying to make FreeNAS at least somewhat protected (I see it's designed without thinking much about security). One of the part of this protection is to configure ipfw, which I first want to be deny by default. Since FreeNAS kernel is built with default accept policy, I have to set net.inet.ip.fw.default_to_accept=0 and the only wait to do it by settings Tunables of loader. Once it's done, nothing will works (e.g. some services that FreeNAS loads on boot will not run) until ipfw allow rules are set (by the script).
So, where to put that script that will be executed "very early in boot process before filesystems are mounted"?
So, if pre-init script runs before filesystems are mounted, then where should I place it?!
I'm trying to make FreeNAS at least somewhat protected (I see it's designed without thinking much about security). One of the part of this protection is to configure ipfw, which I first want to be deny by default. Since FreeNAS kernel is built with default accept policy, I have to set net.inet.ip.fw.default_to_accept=0 and the only wait to do it by settings Tunables of loader. Once it's done, nothing will works (e.g. some services that FreeNAS loads on boot will not run) until ipfw allow rules are set (by the script).
So, where to put that script that will be executed "very early in boot process before filesystems are mounted"?