From owner-freebsd-stable Tue Jul 10 19: 4: 4 2001 Delivered-To: freebsd-stable@freebsd.org Received: from smtp010.mail.yahoo.com (smtp010.mail.yahoo.com [216.136.173.30]) by hub.freebsd.org (Postfix) with SMTP id 4B0EC37B403 for ; Tue, 10 Jul 2001 19:04:00 -0700 (PDT) (envelope-from wyldephyre2@yahoo.com) Received: from ae07185.powerup.com.au (HELO warhawk) (203.147.166.185) by smtp.mail.vip.sc5.yahoo.com with SMTP; 11 Jul 2001 02:03:59 -0000 X-Apparently-From: From: "Haikal Saadh" To: "Michel TALON" , Subject: RE: ipf and tun Date: Wed, 11 Jul 2001 12:08:15 +1000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal In-Reply-To: <20010709151304.A560@lpthe.jussieu.fr> Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I've noticed that this has been tossed around the lists for fair while, but no one has actually come up with a solution :(. I've a similar problem, but the thing with ip -y'ing in ppp.linkup is that it executes the commands in ppp.linkup as the user who invoked ppp, and ipf -y needs to be done as root (according to the manpage, and yes, non rot user can't ipf -y). Is their anything else that can be done? > -----Original Message----- > From: owner-freebsd-stable@FreeBSD.ORG > [mailto:owner-freebsd-stable@FreeBSD.ORG]On Behalf Of Michel TALON > Sent: Monday, 9 July 2001 11:13 PM > To: freebsd-stable@FreeBSD.ORG > Subject: ipf and tun > > > Hello, > > I have a little problem which has already caused trouble to me. > When my machine boots it runs > ipf -f /etc/ipf.rules > These rules allow packets coming from tun0 to get state (my > home machine is at the other end of the line). > However ppp has still not been fired, so the next time i connect > with ppp i can get at the machine but not from here surf the web. > Running > ipf -Fa -f/etc/ipf.rules > fixes the problem, but is highly unpractical. > > So it seems that ipf applies rules only for the configured interfaces. > Do you think that putting > ! ipf -y > in /etc/ppp/ppp.linkup > would solve the problem? > > Of course i can try but risk been locked out! > > -- > > Michel TALON > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message