From owner-freebsd-stable@FreeBSD.ORG  Mon Jan 29 12:02:58 2007
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 42DFD16A541
	for <freebsd-stable@freebsd.org>; Mon, 29 Jan 2007 12:02:58 +0000 (UTC)
	(envelope-from petefrench@ticketswitch.com)
Received: from mail.ticketswitch.com (mail.ticketswitch.com [194.200.93.188])
	by mx1.freebsd.org (Postfix) with ESMTP id 43F5313C49D
	for <freebsd-stable@freebsd.org>; Mon, 29 Jan 2007 12:02:57 +0000 (UTC)
	(envelope-from petefrench@ticketswitch.com)
Received: from [172.16.1.6] (helo=dilbert.ticketswitch.com)
	by mail.ticketswitch.com with esmtp (Exim 4.60 (FreeBSD))
	(envelope-from <petefrench@ticketswitch.com>)
	id 1HBVDo-0007Dr-Ng; Mon, 29 Jan 2007 12:02:52 +0000
Received: from petefrench by dilbert.ticketswitch.com with local (Exim 4.66
	(FreeBSD)) (envelope-from <petefrench@ticketswitch.com>)
	id 1HBVDo-0008WW-Fe; Mon, 29 Jan 2007 12:02:52 +0000
To: freebsd-stable@freebsd.org, max@love2party.net
In-Reply-To: <200701281815.37558.max@love2party.net>
Message-Id: <E1HBVDo-0008WW-Fe@dilbert.ticketswitch.com>
From: Pete French <petefrench@ticketswitch.com>
Date: Mon, 29 Jan 2007 12:02:52 +0000
Cc: rcoleman@criticalmagic.com, bms@freebsd.org
Subject: Re: impossible rc.d ordering problem with stf and pf ?
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jan 2007 12:02:58 -0000

> 1) You use the interface name as address w/o dynamic lookup.
> i.e. "... from stf0 ..."

Yes, thats it - I hadn't come across this 'dynamic lookup' thing before 
though, so I didn't realise what it was. I still cant find it in the PF
manual, aside from a reference that you need to do it for NAT.

> To 1 and 2 there is a simple sollution: Don't do that then!  1 can easily=20
> be defused by adding parentheses. i.e. "... from (stf0) ...".

	pass out on (stf0) inet6 from any to any keep state

Gives me a syntax error when I try and load it with pfctl. If I change
it to:

	pass out on stf0 inet6 from any to any keep state

Then it works loading it with pfctl, but now does not work at boot due to
the lack of stf0 interface. :-(

-pete.