From owner-freebsd-stable@FreeBSD.ORG Sat Feb 26 11:44:54 2011 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A0E14106564A for ; Sat, 26 Feb 2011 11:44:54 +0000 (UTC) (envelope-from vince@unsane.co.uk) Received: from unsane.co.uk (unsane-pt.tunnel.tserv5.lon1.ipv6.he.net [IPv6:2001:470:1f08:110::2]) by mx1.freebsd.org (Postfix) with ESMTP id 2FB3B8FC16 for ; Sat, 26 Feb 2011 11:44:54 +0000 (UTC) Received: from vhoffman-macbooklocal.local ([10.10.10.191]) (authenticated bits=0) by unsane.co.uk (8.14.4/8.14.4) with ESMTP id p1QBKT2i003079 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Sat, 26 Feb 2011 11:21:38 GMT (envelope-from vince@unsane.co.uk) Message-ID: <4D68E1F4.9080003@unsane.co.uk> Date: Sat, 26 Feb 2011 11:20:20 +0000 From: Vincent Hoffman User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: Jeremy Chadwick References: <4D67E2BC.6070202@unsane.co.uk> <4D682BFE.9050702@unsane.co.uk> <20110225223119.GA13109@icarus.home.lan> In-Reply-To: <20110225223119.GA13109@icarus.home.lan> X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-stable@freebsd.org Subject: Re: 8.2-RELEASE pf rules not loading X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Feb 2011 11:44:54 -0000 On 25/02/2011 22:31, Jeremy Chadwick wrote: > On Fri, Feb 25, 2011 at 10:23:58PM +0000, Vincent Hoffman wrote: >> On 25/02/2011 17:35, Josh Carroll wrote: >>>> Hi All, >>>> Just upgraded my home machine to 8.2-RELEASE via >>>> freebsd-update remotely (spare time at work.) and on reboot my pf >>>> ruleset isnt being loaded. running '/etc/rc.d/pf start' once its booted >>>> does start it fine though. Any suggestions on debugging or shall i just >>>> try a verbose boot and watch the console when I get home? >>>> I still have >>>> >>>> pf_enable="YES" # Set to YES to enable packet filter (pf) >>>> pflog_enable="YES" # Set to YES to enable packet filter >>>> logging >>>> >>>> in /etc/rc.conf >>> > Please look at pf.conf(5) and search for the word "parentheses" (should > be under the "from x to x" section. This might resolve your problem. > Thanks, This did solve it. Slightly strange as its all statically set but at least I know now. Vince