From owner-freebsd-stable@FreeBSD.ORG Sun May 7 23:48:47 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C72D516A403 for ; Sun, 7 May 2006 23:48:47 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.FreeBSD.org (Postfix) with SMTP id 400E443D45 for ; Sun, 7 May 2006 23:48:47 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: (qmail 8973 invoked by uid 399); 7 May 2006 23:48:46 -0000 Received: from localhost (HELO ?192.168.0.3?) (dougb@dougbarton.us@127.0.0.1) by localhost with SMTP; 7 May 2006 23:48:46 -0000 Message-ID: <445E875C.8010602@FreeBSD.org> Date: Sun, 07 May 2006 16:48:44 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 1.5 (X11/20060112) MIME-Version: 1.0 To: Iantcho Vassilev References: <18e02bd30605061659m4244e961wd4a334f5825fae3d@mail.gmail.com> In-Reply-To: <18e02bd30605061659m4244e961wd4a334f5825fae3d@mail.gmail.com> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-stable@freebsd.org Subject: Re: pf not loading the rules at boot X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 May 2006 23:48:47 -0000 Iantcho Vassilev wrote: > Hello to all, > > > I noticed such a problem: > > I have a 6.1 RC2 Step one should be to upgrade to the latest 6-stable, and run mergemaster. > and i have in rc.conf > > pf_enable="YES" > pflogd_enable="YES" I think you already corrected yourself to say that you have pflog_enable, not pflogd_, correct? > but when the system boots i test with: > > pfctl -vs rules > > and there are not rules loaded.if i load them by hand there is no problem.. When you say "load them by hand," what do you do exactly? > then i made: > > rc_debug="YES" Try adding rc_info=yes as well. > and the first thing that i saw was: when pf_enable is after pflogd_enable ; > it is not printed(checked).. The order of the variables in your rc.conf file is not relevant. > i put pf_load="YES" >> /boot/loader.conf > and still the ruleset is NOT loaded on boot... The rc system doesn't know anything about /boot/loader.conf. I'm also interested in what happens if you add -v to the pf_flags. What are the permissions on /etc/pf.conf? Doug -- This .signature sanitized for your protection