Date: Mon, 17 Jan 2005 18:19:55 +0100 From: Eric Masson <e-masson@kisoft-services.com> To: Mailing List FreeBSD Network <freebsd-net@FreeBSD.org> Subject: pf & clonable devices Message-ID: <86k6qcynus.fsf@srvbsdnanssv.interne.kisoft-services.com>
next in thread | raw e-mail | index | archive | help
Hi, uname -a : FreeBSD srvbsdnanssv.interne.kisoft-services.com 5.3-STABLE FreeBSD 5.3-STABLE #0: Tue Jan 11 11:44:56 CET 2005 emss@srvbsdnanssv.interne.kisoft-services.com:/vol0/build/usr/src/sys/K6II i386 kldstat : Id Refs Address Size Name 1 19 0xc0400000 2f6a20 kernel 2 1 0xc06f7000 14f08 if_ppp.ko 3 1 0xc070c000 9a88 if_xl.ko 4 2 0xc0716000 18a44 miibus.ko 5 1 0xc072f000 39ac ulpt.ko 6 9 0xc0733000 1357c agp.ko 7 1 0xc13fa000 1e000 nfsserver.ko 8 1 0xc1429000 28000 pf.ko I'm back at the moment to an isdn line for internet connection, and I'm using pppd (kernel ppp) and an isdn TA. I'm using Alain Thivillon's SSLTunnel for connection to the main office (kernel ppp tunnel encapsulated in a SSL session) pppX interfaces are created on demand as pppd is started. So I end with a setup like this one : ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1524 inet 213.36.152.19 --> 212.129.4.14 netmask 0xffffff00 ppp1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 inet 192.168.0.70 --> 192.168.0.15 netmask 0xffffff00 kernel ppp doesn't seem to reuse existing pppX devices, it creates new ones as needed. PF rules are defined for fixed network devices, so I destroy pppX interfaces on ppp shutdown and let pppd recreate them as needed. In this case, I need to refresh PF by issuing : pfctl -F all -f /etc/pf.conf to get traffic passing thru newly recreated ppp0/1 interfaces. Is this a feature or a bug ? Regards Éric Masson -- Tu as mille fois raison, un abonnement gratuit ce n'est pas un cadeau. D'ailleurs quand on a eu le beurre, l'argent et le cul de la crémière, à part dire des conneries, il ne reste plus grand chose à faire. -+- Biz in GNU : Et là, ça vaut gratuit ou ça fout la chtouille ? -+-
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86k6qcynus.fsf>