On Wed, Jun 19, 2002 at 04:57:21PM +1000, Peter Jeremy wrote: > I have a situation where I want to have some ipfw rules permanently > associated with tun0. In 4.5-RELEASE, I just included lines like the > following in the rules file specified as firewall_type in rc.conf: > add 11010 allow tcp from 10.2.3.4 to 10.2.3.5 keep-state in recv tun0 setup > > In 4.6-RELEASE, the tun devices are created on demand and so tun0 > doesn't exist don't exist when the firewall rules are added. Other > than starting ppp(8), how do I create tun0? I thought > ifconfig tun0 create > would work, but that returns: > ifconfig: SIOCIFCREATE: Invalid argument > > Any suggestions?
I was able to hack around this for someone by placing an entry in /etc/rc.early to open the tun0 device so the interface would be created. The disgusting hack I used was a staticly linked binary which opened /dev/tun0. On current the following signficantly less gross shell works: echo "" >> /dev/tun0 I don't know if this works on stable though. I'm sure there's a better solution, but I've never claimed to be a shell hacker. :-) IMO, the long term solution it to fix the tun(4) driver to use interface cloning like gif(4) so you can do "ifconfig tun0 create" as necessicary. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
msg46533/pgp00000.pgp
Description: PGP signature
