Date: Wed, 9 Jun 2004 05:48:51 +1000 From: Peter Jeremy <PeterJeremy@optushome.com.au> To: Jonathan Weiss <tomonage2@gmx.de> Cc: current@freebsd.org Subject: Re: Loading the PF ruleset fails due to ppp Message-ID: <20040608194851.GD1596@cirb503493.alcatel.com.au> In-Reply-To: <BCE8C291.14A4D%tomonage2@gmx.de> References: <BCE8C291.14A4D%tomonage2@gmx.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 2004-Jun-06 12:46:09 +0200, Jonathan Weiss wrote: >The problem is, that ppp is not fast enough for PF. PF is starting up before >ppp gets an IP for tun0, so loading the ruleset fails. While using the >PF-port, the time lag between starting ppp and PF was big enough, as PF was >started whith the other third-party tools. With PF now in the basesystem, it >is too fast for ppp. ... >Could we add the "sleep 10" or maybe a "sleep 5" in this function? I'm sure >when current become 5.3 I'll be not alone with my problem. I disagree with this "solution". Whilst a 5 or 10 second sleep may work for you today, it may not work tomorrow (when your ISP's servers are a bit busier). It is unlikely to be appropriate for everyone. It shouldn't be too difficult to force the rc.d scripts to synchronise to the PPP link: 1) Create a "ppp.linkup" that creates a flag file somewhere 2) Create a rc.d script with "after ppp, before pf" (or whatever) that waits for the flag file to appear (and then deletes it): until [ -f /flag/file ] ; do sleep 1 ; done (add error checking to suit) -- Peter Jeremy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040608194851.GD1596>