On 12/31/2005 05:21:25 PM, Michael Erdely wrote:
But I can almost guarantee that it's because you have DNS names in
your pf.conf and your DNS server isn't able to get to the Internet
prior to the ruleset being loaded.
One approach is to:
1) run a slave dns server on your box
2) not load your pf rules until rc.local, after named starts
3) have relatively long ttl values in your zones
4) do not reference any non-slave zones in your pf.conf
Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
