Date: Tue, 5 Jun 2007 03:40:06 +0100 From: RW <fbsd06@mlists.homeunix.com> To: freebsd-questions@freebsd.org Subject: Re: fbsd 6.2 pf starts -- but not on boot Message-ID: <20070605034006.030f188f@gumby.homeunix.com.> In-Reply-To: <46648172.3060307@vwsoft.com> References: <70f41ba20706041403q1d51ac75jee625130ea4ed10@mail.gmail.com> <46648172.3060307@vwsoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 04 Jun 2007 23:17:38 +0200 Volker <volker@vwsoft.com> wrote: > without seeing your pf.conf ruleset, I guess you're using a ppp > connection to your upstream provider and firewalling on the tunX > interface (using tun0 as $ext_if). > > As FreeBSD boots up, this interface does not yet exist when pf is > loaded. As soon as ppp is loaded and interface tun0 has been created, > pf will happily load your ruleset. > > The solution is to either have pf rules loaded late (later than ppp is > started) or use anchors and load ext rules into the anchor when the > ppp interface is up. The easier is to have the rules loading late > (check using rcorder) but this may also fail if something goes wrong > with ppp. The ppp rc.d script resyncs pf and ipfilter, to pick-up new interfaces, so that shouldn't be needed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070605034006.030f188f>