Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 8 Jun 2009 00:06:22 GMT
From:      Alexander Kabaev <kan@FreeBSD.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        re@FreeBSD.org
Subject:   conf/135338: pf startup order seems broken
Message-ID:  <200906080006.n5806MnW075368@freefall.freebsd.org>
Resent-Message-ID: <200906080010.n580A3OH075478@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         135338
>Category:       conf
>Synopsis:       pf startup order seems broken
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jun 08 00:10:03 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Alexander Kabaev
>Release:        FreeBSD 8.0-CURRENT
>Organization:
>Environment:

FreeBSD kan.dnsalias.net 8.0-CURRENT FreeBSD 8.0-CURRENT #0: Sun Jun  7 16:24:56 EDT 2009     kan@kan.dnsalias.net:/usr/download/src/sys/i386/compile/KAN  i386

>Description:

I upgraded one of my machines from -current as of May 12th and noticed
the following startup scripts breakage: pfctl seems to be running before
any of the interfaces are configured and quite expectedly fails to
process some rules. If someone does not pay attention, he ends up with
completely unprotected host sitting on Internet. Filing this at Sam's
request to alert re@ about possible blocker.


<skip>
ugen2.3: <American Power Conversion> at usbus2
no IP address found for re0:network
/etc/pf_kan.conf:21: 
could not parse host specification
no IP address found for re0:network
/etc/pf_kan.conf:37: 
could not parse host specification
no IP address found for re0:network
/etc/pf_kan.conf:38: 
could not parse host specification

pfctl: 
Syntax error in config file: pf rules not loaded

pf enabled
DHCPREQUEST on vr0 to 255.255.255.255 port 67

DHCPACK from 96.145.104.1

bound to 98.217.224.113 -- renewal in 113063 seconds.

Starting Network: lo0 vr0 re0.

<skip>

>How-To-Repeat:
	Reboot.
>Fix:
	Do not have any yet.
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906080006.n5806MnW075368>