Date: Wed, 29 Apr 2015 20:35:35 -0700 From: Doug Niven <dniven@ucsc.edu> To: freebsd-questions@freebsd.org Subject: PF not loading at boot time Message-ID: <7B5CA749-D7EF-4A2F-9FA0-E3ADF3E5ADDF@ucsc.edu>
next in thread | raw e-mail | index | archive | help
I've got a PF anchor referenced in my /etc/pf.conf file here:
table <goodguys> { 111.222.0.0/16, 222.222.0.0/16 }
block in proto tcp from any to any port 22
pass in on en0 proto tcp from <goodguys> to en0 port 22 flags S/SA =
keep state
But while the /etc/pf.conf file loads fine manually, it does not load at =
boot, generating the following error in my log:
no IP address found for en0
/etc/pf.anchors/my-anchor:6: could not parse host specification
pfctl: Syntax error in config file: pf rules not loaded
I suspect this is because at the time PF loads at boot, en0 doesn't yet =
have an IP address or network state.
Is there any other way I might be able to write this rule to avoid this =
problem?
Thanks in advance,
Doug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7B5CA749-D7EF-4A2F-9FA0-E3ADF3E5ADDF>