From owner-freebsd-pf@FreeBSD.ORG Sat May 5 23:47:48 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D94DB16A402 for ; Sat, 5 May 2007 23:47:48 +0000 (UTC) (envelope-from schneecrash@gmail.com) Received: from ik-out-1112.google.com (ik-out-1112.google.com [66.249.90.182]) by mx1.freebsd.org (Postfix) with ESMTP id 6C51F13C45E for ; Sat, 5 May 2007 23:47:48 +0000 (UTC) (envelope-from schneecrash@gmail.com) Received: by ik-out-1112.google.com with SMTP id c29so112031ika for ; Sat, 05 May 2007 16:47:47 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:reply-to:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=cWEpmi6PBkDbGdkzWc78hPu47jE4lQvE7kIyf9WRfWxbO18jAhgAH2MTwcekFYFY6T4bosmcY09KMP6lT79DKsFVipfWcVU9HCiUZfZn9fG7Au8Jc1Up35fZn2xP35QvHTvsoTprHi0KOj/uA5IDHu9ArwJXd0JuDgQXPOh5CD4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:reply-to:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=m0fsGB+mT4aODYPjAxLLnzH6PI5QsKZn/QwQ/3XxgCqaRJXMjGTtPoyGp2YOTezYSa4BlRYmP2o3H2UUGtUBFlFfIZziw2/ivaRdSzmnccpxybRuPvN826hpiMj22Qsd5DIHMy3Qy2vHo3KJEUM/ALX+sAPiOEas9llOedlIyUI= Received: by 10.82.120.14 with SMTP id s14mr9011025buc.1178408867107; Sat, 05 May 2007 16:47:47 -0700 (PDT) Received: by 10.82.162.19 with HTTP; Sat, 5 May 2007 16:47:47 -0700 (PDT) Message-ID: <70f41ba20705051647g6d276b5fn23f4dbccb9dab1e8@mail.gmail.com> Date: Sat, 5 May 2007 16:47:47 -0700 From: snowcrash Sender: schneecrash@gmail.com To: freebsd-pf@freebsd.org In-Reply-To: <20070505224853.B826EB867@shodan.nognu.de> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20070505224853.B826EB867@shodan.nognu.de> X-Google-Sender-Auth: 2d06704f5b2d9c5f Subject: Re: PF not started on boot (though it's in /etc/rc.conf) X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-pf@freebsd.org List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 May 2007 23:47:48 -0000 hi, > I have a problem bringing up PF after a reboot of my 6.2 machine. > I tried pf_enable="YES" in /etc/rc.conf, but it doesn't seem to > get executed. /etc/rc.d/pf exists, also tried to declare pf_rules and > even pf_program without luck. I always have to do "pfctl -e -f > /etc/pf.conf" manually after the boot. this might help you track down the issue ... kill pf add/set in pf.conf, set debug urgent re-check your conf with, pfctl -vv -nf pf.conf then, restart pf, instead, with: /etc/rc.d/pf start watch your syslog & pf logs ... see anything of interest? hth!