Date: Wed, 20 Jul 2022 10:08:47 +0300 From: Oleksandr Kryvulia <shuriku@shurik.kiev.ua> To: pf@freebsd.org Subject: Re: updating "self" in RELENG_13 Message-ID: <5e97f42c-6099-7556-f440-39d549fcbfeb@shurik.kiev.ua> In-Reply-To: <7126c3de-2eab-733a-863d-0a38c409919e@sentex.net> References: <7126c3de-2eab-733a-863d-0a38c409919e@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
19.07.22 23:02, mike tancsa пише:
> I have an endpoint where interfaces come and go or change IP addresses
> due to dynamic IPs being handed out. One thing I noticed is that if I
> want to make use of the "self" keyword, the automatic table that it
> abstracts away does not get automatically updated with new IP
> addresses. If I manually do a pfctl -f /etc/pf.conf, it fixes the
> issue. So to automate it, I looked at devd to create
>
> % cat /etc/devd/interface.conf
> notify 0 {
> match "system" "IFNET";
> match "type" "(LINK_DOWN|LINK_UP)";
> action "/usr/local/bin/interface-change.sh $subsystem $interface";
> };
>
> and in the script I call /sbin/pfctl -f /etc/pf.conf
>
> But the next issue I ran into is the interface often comes up before
> its given an IP. So to make it work I had to add a
>
> sleep 5 ; /sbin/pfctl -f /etc/pf.conf &
>
> Not really happy with this method as sleeps are a bit hackish and
> probably wont reliably work. Anyone else run into this issue and how
> do you work around it ? Or am I approaching it the wrong way ?
>
> I also noticed that if I do something like
>
> ifconfig lo0 192.168.99.2/32 alias
>
> devd does not fire
>
> ---Mike
>
Hi, using interface groups instead makes sense for you?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5e97f42c-6099-7556-f440-39d549fcbfeb>