On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga <hilco.wijbe...@gmail.com> wrote:
> I have pf running on my firewall box and I'm experiencing some strange
> behaviour. After several hours (this may even be 24 hours) of
> functioning normally, pf seems to reload its default rules which means
> that from that point on all traffic is blocked. A simple "pfctl -f
> /etc/pf.conf" fixes the problem but it is very annoying.

ummm... no.

Think about it for a moment. The default rules *are* stored in
/etc/pf.conf --the very same file you are manually reloading, so it's
obviously not magically reloading the "default rules" as you claim.

What kind of connection are you running?
Is your public IP address static or dynamic?
More importantly, are you running some sort of tunneling/authentication
such as PPPoE or similar?

In short, my first guess is your IP is changing every 24 hours or so due
to your service provider using dynamic addressing (and trying to
prevent you from having a particular IP for too long).

If I'm right, then your problem is that pf is holding on to the old
rules for your old IP address even though your IP had changed. In other
words, you have a configuration error.

--
J.C. Roberts
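
Added example, not part of the message above and not the poster's actual ruleset: a pf.conf fragment showing how a rule can keep pointing at an old address after the interface address changes, next to the form that follows the interface. The interface name tun0 and the SSH rule are assumptions made for illustration.

```conf
# /etc/pf.conf fragment (constructed example)
ext_if = "tun0"     # hypothetical external interface with a dynamic address

set skip on lo
block all           # default deny: applies whenever no pass rule matches

# Form 1: address resolved once, when the ruleset is loaded.
# An interface name used in an address position is replaced by the
# address the interface holds at load time. If the provider later
# assigns a new address, the loaded rules still name the old one,
# nothing matches, and traffic falls through to "block all" until
# "pfctl -f /etc/pf.conf" resolves the name again.
#
#pass in  on $ext_if inet proto tcp from any to $ext_if port 22
#pass out on $ext_if inet from $ext_if to any

# Form 2: address tracked by pf.
# Parentheses around the interface name tell pf to update the rule
# whenever the interface address changes, so no reload is needed.
pass in  on $ext_if inet proto tcp from any to ($ext_if) port 22
pass out on $ext_if inet from ($ext_if) to any

# Check which form is loaded:
#   pfctl -sr
# Form 1 rules are printed with a literal IP address; form 2 rules are
# printed with the interface name in parentheses, e.g. (tun0).
# Compare a literal address against the current one from "ifconfig tun0".
```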