From owner-freebsd-questions@FreeBSD.ORG Wed Mar 9 11:37:47 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 395F416A4CE for ; Wed, 9 Mar 2005 11:37:47 +0000 (GMT) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3456243D5C for ; Wed, 9 Mar 2005 11:37:46 +0000 (GMT) (envelope-from freebsd-questions@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1D8zVE-0004fz-CA for freebsd-questions@freebsd.org; Wed, 09 Mar 2005 12:37:24 +0100 Received: from ns.ag.dn.ua ([213.130.22.147]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 09 Mar 2005 12:37:24 +0100 Received: from arcade by ns.ag.dn.ua with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 09 Mar 2005 12:37:24 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-questions@freebsd.org From: Volodymyr Kostyrko Date: Wed, 09 Mar 2005 13:37:05 +0200 Lines: 36 Message-ID: References: <6.2.0.14.2.20050304062626.00aa8468@localhost> <20050304164136.GA1684@orion.daedalusnetworks.priv> <20050304173041.GA1314@orion.daedalusnetworks.priv> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: ns.ag.dn.ua User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; uk-UA; rv:1.7.5) Gecko/20050111 X-Accept-Language: uk, ru, en-us, en In-Reply-To: <20050304173041.GA1314@orion.daedalusnetworks.priv> Sender: news X-Gmane-MailScanner: Found to be clean X-Gmane-MailScanner: Found to be clean X-MailScanner-From: freebsd-questions@m.gmane.org X-MailScanner-To: freebsd-questions@freebsd.org Subject: Re: pf seems to start late? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Mar 2005 11:37:47 -0000 Giorgos Keramidas wrote: >>>Mar 4 06:15:11 sole kernel: Starting syslogd. >>>Mar 4 06:15:11 sole kernel: Mar 4 06:15:11 sole syslogd: kernel boot file is /boot/kernel/kernel >>>Mar 4 06:15:11 sole kernel: Starting named. >>>Mar 4 06:15:12 sole kernel: Setting date via ntp. >>>Mar 4 06:15:15 sole kernel: 4 Mar 06:15:15 ntpdate[345]: step time server x.x.x.x offset -0.534182 sec >>>Mar 4 06:15:15 sole kernel: Clearing /tmp. >>>Mar 4 06:15:16 sole kernel: ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib >>>Mar 4 06:15:16 sole kernel: a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout >>>Mar 4 06:15:16 sole kernel: Enabling pflogd >>>Mar 4 06:15:16 sole kernel: . >>>Mar 4 06:15:16 sole kernel: Mar 4 06:15:16 sole kernel: pflog0: promiscuous mode enabled >>>Mar 4 06:15:16 sole kernel: Enabling pf. >>>Mar 4 06:15:16 sole kernel: pf enabled >>> >>>Shouldn't PF start right after the interfaces come up? [...] >> >>[...] >>Can you try the following patch to your /etc/rc.d/pf script and tell me >>if it works for you or if it breaks anything important? > Just in case anyone else tries using this, please try a version that > doesn't introduce a circular dependency of pf -> netif -> pf: Guys, didn't you forgot that pf sometimes uses resolver to lookup hostnames present in pf.conf? What happens if it should resole hostnames with local named? PS: But the question seems intresting... i'll check the behavior... -- [WBR], Arcade. [SAT Astronomy/Think to survive!]