From owner-freebsd-questions Wed Jul 4 9:24: 1 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mtiwmhc26.worldnet.att.net (mtiwmhc26.worldnet.att.net [204.127.131.51]) by hub.freebsd.org (Postfix) with ESMTP id 9A97A37B403 for ; Wed, 4 Jul 2001 09:23:58 -0700 (PDT) (envelope-from parv@worldnet.att.net) Received: from worldnet.att.net ([32.101.235.92]) by mtiwmhc26.worldnet.att.net (InterMail vM.4.01.03.16 201-229-121-116-20010115) with ESMTP id <20010704162357.EPQZ2154.mtiwmhc26.worldnet.att.net@worldnet.att.net>; Wed, 4 Jul 2001 16:23:57 +0000 Received: by worldnet.att.net (Postfix, from userid 1001) id 79BEF50D5F; Wed, 4 Jul 2001 12:27:46 -0400 (EDT) Date: Wed, 4 Jul 2001 12:27:46 -0400 From: parv To: cjclark@alum.mit.edu Cc: questions@FreeBSD.ORG Subject: Re: ipf -y 'ing using user ppp Message-ID: <20010704122746.A2642@moo.holy.cow> Mail-Followup-To: cjclark@alum.mit.edu, questions@FreeBSD.ORG References: <20010704032241.A1895@moo.holy.cow> <20010704012400.H1476@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010704012400.H1476@blossom.cjclark.org>; from cristjc@earthlink.net on Wed, Jul 04, 2001 at 01:24:00AM -0700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG so, Crist J. Clark shared this in my lifetime... > ... > > Err... man 8 ipf, > > -y (SOLARIS 2 ONLY) Manually resync the in-kernel > interface list maintained by IP Filter with the > current interface status list. > > Note the "SOLARIS 2 ONLY?" I've never had to use '-y,' but I do have a > similar problem. Or do I have a different manpage? deja vu... i have read the same statements before on this issue in a freebsd mailing list... crist, by chance could that be from you? by the way your manpage seems to be old, over here same man command shows... -y Manually resync the in-kernel interface list main- tained by IP Filter with the current interface sta- tus list. ... > > That said, once I run ppp(8) once, I can bring the tun(4) interface up > and down as much as I wish and I never need to touch ipf(8) or > ipnat(8) again. No need for the '-y' option. well, i have to do syncing once after reboot. after then, i can play w/ ppp, ifconfig, ipf as much i want w/o resyncing. just curious, are your ipf rules "default block" type? or, do you first block all the traffic (going in or out), then selectively let the traffic pass? as i stated earlier, when the ipf rules weren't "default block", ppp was making connection, but not afterwords ... not w/o a "ipf -y". so, if your rules are not "default block", you may not have to do the syncing. -- so, do you like word games or scrabble? - parv To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message