I'm using ADSL to connect (using a static IP), and ppp(1)
needs some time (a few seconds) to initialize and configure
the tun(4) device. Parallel to this, pf(4) starts immediately,
and doesn't recognize ext_if (tun0), which is not yet ready.
As a result of this, pf shuts down again and there's no firewall.

As a workaround, I added a startup script to /usr/local/etc/rc.d
which would get invoked after the system scripts, sleep a few
seconds, and then run "/etc/rc.d/pf start" again. Alternatively,
I could also poll for tun0 there, but it's not really worth the

Meddling with the existing /etc/rc.d startup scripts (ppp, pf)
to make sure pf is only started after tun0 is up and running
is not a good idea, because it would always appear in mergemaster

So the question is: how can I change the timing, so that pf only
starts AFTER ppp has brought the interfaces up? There are some
keywords (REQUIRE, BEFORE etc...) in /etc/rc.d/* files, but I'm
not really sure if that would solve the problem.

Perhaps there's also some pf setting that would dynamically adjust
to tun0 once it appears?


Cordula's Web. http://www.cordula.ws/
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to