Date: Wed, 20 Jul 2022 10:08:47 +0300 From: Oleksandr Kryvulia <shuriku@shurik.kiev.ua> To: pf@freebsd.org Subject: Re: updating "self" in RELENG_13 Message-ID: <5e97f42c-6099-7556-f440-39d549fcbfeb@shurik.kiev.ua> In-Reply-To: <7126c3de-2eab-733a-863d-0a38c409919e@sentex.net> References: <7126c3de-2eab-733a-863d-0a38c409919e@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
19.07.22 23:02, mike tancsa пише: > I have an endpoint where interfaces come and go or change IP addresses > due to dynamic IPs being handed out. One thing I noticed is that if I > want to make use of the "self" keyword, the automatic table that it > abstracts away does not get automatically updated with new IP > addresses. If I manually do a pfctl -f /etc/pf.conf, it fixes the > issue. So to automate it, I looked at devd to create > > % cat /etc/devd/interface.conf > notify 0 { > match "system" "IFNET"; > match "type" "(LINK_DOWN|LINK_UP)"; > action "/usr/local/bin/interface-change.sh $subsystem $interface"; > }; > > and in the script I call /sbin/pfctl -f /etc/pf.conf > > But the next issue I ran into is the interface often comes up before > its given an IP. So to make it work I had to add a > > sleep 5 ; /sbin/pfctl -f /etc/pf.conf & > > Not really happy with this method as sleeps are a bit hackish and > probably wont reliably work. Anyone else run into this issue and how > do you work around it ? Or am I approaching it the wrong way ? > > I also noticed that if I do something like > > ifconfig lo0 192.168.99.2/32 alias > > devd does not fire > > ---Mike > Hi, using interface groups instead makes sense for you?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5e97f42c-6099-7556-f440-39d549fcbfeb>