Date:      Tue, 17 Jun 2014 11:33:28 -0700
From:      Jesse Gooch <lists@gooch.io>
To:        freebsd-questions@freebsd.org
Subject:   pppoe with ppp and pf nat - problems booting
Message-ID:  <53A089F8.4060409@gooch.io>

Hello all!

I've just set up an i386 box as my router with FreeBSD 10-RELEASE
(updated with freebsd-update). I have two interfaces: sk0 and rl0. sk0
is configured in ppp.conf for pppoe to my DSL modem. rl0 is configured
to a local IP, and I have pf set up for NAT and some port forwarding.
Unfortunately on boot pf does not get set up since tun0 (created by ppp)
does not exist when pf loads, so my ruleset is not loaded!

This requires me to reload the pf ruleset whenever I reboot. Another
problem with this approach is ntpdate fails to set time properly on boot
as well (although this may be ppp taking a little while to get the
connection set up).

How can I get my system to just work when I boot up? I've copypasta'd
the related conf files with names changed to protect the innocent below.

---ppp.conf---
default:
        set log Phase tun command
        disable ipv6

name_of_isp:
        disable ipv6
        set device PPPoE:sk0
        set authname isp_un
        set authkey isp_pw
        set dial
        set login
        add default HISADDR
        add default HISADDR6
        enable dns
---

---rc.conf---
hostname="my_hostname"
#this address is assigned to sk0 so I can access the administration page of my modem
ifconfig_sk0="inet 192.168.1.100 netmask 255.255.255.0"
ifconfig_rl0="inet 192.168.42.1 netmask 255.255.255.0"
gateway_enable="YES"
pf_enable="YES"
pflog_enable="YES"
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="NO"
ppp_profile="name_of_isp"
dhcpd_enable="YES"
dhcpd_ifaces="rl0"
named_enable="YES"
ddclient_enable="YES"
sshd_enable="YES"
#ntpdate_enable="YES"
#ntpdate_flags="-t 30 _timeservers_"
ntpd_enable="YES"
powerd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
---

---pf.conf---
# Macros
ext_if = "tun0"
lan_if = "rl0"
lan_ip = "192.168.42.0/24"

# Tables

# Options

# Traffic Normalization
scrub in on $ext_if all fragment reassemble

# Queueing

# Translation
nat pass on $ext_if from $lan_ip to any -> {$ext_if}
#some redirect rules removed for port forwarding here

# Packet Filtering
block in on $ext_if all
pass out on $ext_if all keep state
pass in on $lan_if all
pass out on $lan_if all
---
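
The load failure described in the message, shown against one possible correction. This is an added example, not part of the original post and not a reply from the list; it reuses the poster's macros and assumes the failure comes from pfctl resolving the address of tun0 while parsing the NAT rule.

```conf
# /etc/pf.conf -- added example, built from the ruleset quoted above

# Macros (unchanged from the post)
ext_if = "tun0"
lan_if = "rl0"
lan_ip = "192.168.42.0/24"

# Traffic Normalization
scrub in on $ext_if all fragment reassemble

# Translation
# Before: {$ext_if} is replaced by the address of tun0 when the file is
# parsed. At boot tun0 has not been created by ppp yet, so the lookup
# fails and pfctl rejects the whole ruleset, filter rules included.
#nat pass on $ext_if from $lan_ip to any -> {$ext_if}

# After: parentheses make the translation address dynamic. pf loads the
# rule by interface name and follows whatever address tun0 holds once
# ppp brings the link up, and again after every reconnect.
nat pass on $ext_if from $lan_ip to any -> ($ext_if)

# Packet Filtering (unchanged; these rules match on the interface name
# only, so they do not need tun0 to have an address at load time)
block in on $ext_if all
pass out on $ext_if all keep state
pass in on $lan_if all
pass out on $lan_if all
```

After a reboot, `pfctl -sn` and `pfctl -sr` show whether the NAT and filter rules were actually loaded.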


