Date: Tue, 18 Aug 2015 14:18:21 +0300 From: wishmaster <artemrts@ukr.net> To: Andriy Gapon <avg@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: pf and new interface Message-ID: <1439896563.102588062.s8ouf3nc@frv34.fwdcdn.com> In-Reply-To: <55D2E9B3.2040301@FreeBSD.org> References: <55D2E9B3.2040301@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Original message --- From: "Andriy Gapon" <avg@freebsd.org> Date: 18 August 2015, 14:05:15 > I have the following rule in pf.conf: > set skip on tap > and even the following one: > set skip on tap0 > > The rules are loaded at the system start-up time, but the tap interface > may not be created until much later. When tap0 is first created the > skip rules are not applied to it and the traffic gets filtered. If I > reload the pf configuration, then the rules start working. > > Is there a way to make pf honor such rules for the dynamic interfaces?Hi, You should do it in your application, e.g. in mpd this is something like below set iface up-script /usr/local/etc/mpd5/link_up.sh set iface down-script /usr/local/etc/mpd5/link_down.sh in openvpn - see manuals. Cheers, Vitaliy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1439896563.102588062.s8ouf3nc>