Date: Thu, 16 Dec 2004 23:46:44 -0300 From: Mauricio Brunstein <mbrunstein@gmail.com> To: freebsd-stable@freebsd.org, robbak@gmail.com, kay.abendroth@raxion.net Subject: Re: Problem with ppp and pf on FreeBSD 5.3 Message-ID: <59822964041216184634b9bbe5@mail.gmail.com> In-Reply-To: <d449958041216051422f77e28@mail.gmail.com> References: <5982296404121316301232bcde@mail.gmail.com> <598229640412141458dd6ae07@mail.gmail.com> <5982296404121514234afb345e@mail.gmail.com> <d449958041216051422f77e28@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi ! Anybody knows why I need to run routed to have access to the box from the Internet? > In the FreeBSD manual states that one must use router_enable="NO" in > rc.conf, to avoid routed to delete the routes added by ppp. If I do > this, I can't have access to the box from the Internet by means of ssh. @Robert: Thank you for your help! Yes I now it's an unusual method, but reading the manual I concluded that was the one more logical. I can change the method as you suggested, starting ppp from rc.conf, but in that case, what i need to put in rc.conf about tun0 ?? Because when pf starts, the tun0 could be not yet configured by ppp. Also if you look in the pf.conf, in the nat line I used "(tun0)" as the interface in place of "tun0". According to the documentation of pf this should make pf refresh the rules if the IP address of tun0 changes. But sometimes, after a connection drop and redial, Nat is not working. Why do you suggest to use the nat on ppp? What are de differences from the one in pf? @ Kay: Thank you to you too! Actually ez-ipupdate is a tiny program and reading the ez-ipupdate.conf file I beleeved that the program is designed to be started by executing the conf file directly. This is my ez-ipupdate.conf file: -------------------------- server:~ $ cat /usr/local/etc/ez-ipupdate.conf #!/usr/local/bin/ez-ipupdate -c # # example config file for ez-ipupdate # # this file is actually executable! # service-type=dyndns user=<my_username>:<my_passwd> host=my_host.ath.cx interface=tun0 max-interval=2073600 # please create this file and ensure that the user # that ez-ipupdate is running as has write permissions # to it then uncomment this line, if you don't your # dyndns account will probably get banned. # if you run ez-ipupdate as root (bad # idea, use "run-as-user") then you can # just uncomment this line. cache-file=/etc/ez-ipupdate.cache.tun0 # for the mean time we'll just use a cache file in the temp directory #cache-file=/tmp/ez-ipupdate.cache # uncomment this once you have everything # working how you want and you are # ready to have ez-ipupdate running in the # background all the time. to stop it # you can use "killall -QUIT ez-ipupdate" under linux. daemon server:~ $ --------------------------------------------------- I don't know how to specify where is the ez.ipupdate.conf file in /etc/rc.conf. Aso, if I put, In /etc/ppp/ppp.linkup: ! /usr/local/etc/rc.d/ez-ipupdate.sh start And in /etc/ppp/ppp.linkdown: ! /usr/local/etc/rc.d/ez-ipupdate.sh stop Do I need to put anything in rc.conf? Regards, Mauricio.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?59822964041216184634b9bbe5>