From owner-freebsd-pf@FreeBSD.ORG  Tue Dec  9 21:48:21 2008
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id AE61B1065675
	for <freebsd-pf@freebsd.org>; Tue,  9 Dec 2008 21:48:21 +0000 (UTC)
	(envelope-from gofdp-freebsd-pf@m.gmane.org)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 69C508FC16
	for <freebsd-pf@freebsd.org>; Tue,  9 Dec 2008 21:48:21 +0000 (UTC)
	(envelope-from gofdp-freebsd-pf@m.gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1LAARD-0000O8-Ec
	for freebsd-pf@freebsd.org; Tue, 09 Dec 2008 21:48:15 +0000
Received: from mulderlab.f5.com ([205.229.151.151])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <freebsd-pf@freebsd.org>; Tue, 09 Dec 2008 21:48:15 +0000
Received: from atkin901 by mulderlab.f5.com with local (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <freebsd-pf@freebsd.org>; Tue, 09 Dec 2008 21:48:15 +0000
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-pf@freebsd.org
From: Mark Atkinson <atkin901@yahoo.com>
Date: Tue, 09 Dec 2008 13:48:02 -0800
Lines: 34
Message-ID: <ghmp2m$9hl$1@ger.gmane.org>
References: <493E82B3.5090002@eskk.nu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7Bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: mulderlab.f5.com
User-Agent: KNode/0.10.9
Sender: news <news@ger.gmane.org>
Subject: Re: Personal firewall with two interfaces
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Dec 2008 21:48:21 -0000

Leslie Jensen wrote:
> I usually make a change pf.conf where I change
> 
> # ext_if="em0"
> ext_if="rum0"
> 
> or vice versa.
> 
> My problem is that if the "wrong" interface is active in pf.conf
> there'll be some waiting for ntpd sshd and bsdstats to time out.
> 
> I would like to configure pf so that both interfaces are treathed the
> same, only one active interface at the time, but to remove the need for
> a manual change of pf.conf at startup.
> 
> Any hints are appreciated.

You should leave your pf.conf alone and rename your interfaces (based on
which one is inserted -- maybe via devd).  You could also code something up
in like /etc/rc.d/early.sh to figure out which one is available and rename
it.

for example:

ifconfig msk0 name external
ifconfig xl0 name internal
ifconfig sk0 name wireless

and just leave ext_if="external" in your pf.conf.

--
Mark Atkinson
atkin901@yahoo.com
(!wired)?(coffee++):(wired);