Date: Wed, 14 Feb 2007 03:14:50 +0100 From: cpghost <cpghost@cordula.ws> To: freebsd-questions@freebsd.org Subject: pf/ppp timing problem at startup Message-ID: <20070214021450.GC52462@epia-2.farid-hajji.net>
next in thread | raw e-mail | index | archive | help
I'm using ADSL to connect (using a static IP), and ppp(1) needs some time (a few seconds) to initialize and configure the tun(4) device. Parallel to this, pf(4) starts immediately, and doesn't recognize ext_if (tun0), which is not yet ready. As a result of this, pf shuts down again and there's no firewall. As a workaround, I added a startup script to /usr/local/etc/rc.d which would get invoked after the system scripts, sleep a few seconds, and then run "/etc/rc.d/pf start" again. Alternatively, I could also poll for tun0 there, but it's not really worth the trouble. Meddling with the existing /etc/rc.d startup scripts (ppp, pf) to make sure pf is only started after tun0 is up and running is not a good idea, because it would always appear in mergemaster later. So the question is: how can I change the timing, so that pf only starts AFTER ppp has brought the interfaces up? There are some keywords (REQUIRE, BEFORE etc...) in /etc/rc.d/* files, but I'm not really sure if that would solve the problem. Perhaps there's also some pf setting that would dynamically adjust to tun0 once it appears? Thanks, -cpghost. -- Cordula's Web. http://www.cordula.ws/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070214021450.GC52462>