Loading PF after ppp
I connect to the internet using pppoe(8) by putting the following line in /etc/rc.local.conf: ppp -ddial pppoe However, the pf rules load before I have an internet connection and therefore pfctl reports an error. How does one load PF after ppp? Amit.
Re: Loading PF after ppp
2007/9/26, Amit Finkler [EMAIL PROTECTED]: How does one load PF after ppp? By using ppp.linkup cat /etc/ppp/ppp.linkup MYADDR: !bg sh -c /sbin/pfctl -e -f /etc/pf.conf Best Martin
Re: Loading PF after ppp
I connect to the internet using pppoe(8) by putting the following line in /etc/rc.local.conf: ppp -ddial pppoe However, the pf rules load before I have an internet connection and therefore pfctl reports an error. How does one load PF after ppp? Being in the same situation I had not enabled PF through rc.conf of rc.conf.local, instead I've put following in rc.local: /usr/sbin/ppp -background -quiet pppoe if [ $? -eq 0 ]; then echo PPP enabled pfctl -e pfctl -f /etc/pf.conf fi I'm not sure whether it's correct or not, but it works for me :) Regards, -- Cezary Morga There are three kinds of lies: lies, damned lies, and statistics. (Benjamin Disraeli) [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc ]
Re: Loading PF after ppp
On Wed, Sep 26, 2007 at 05:54:58PM +0200, Amit Finkler wrote: I connect to the internet using pppoe(8) by putting the following line in /etc/rc.local.conf: ppp -ddial pppoe However, the pf rules load before I have an internet connection and therefore pfctl reports an error. How does one load PF after ppp? Hi Amit. I guess pf complains about the non-existant interface. Starting and stopping pf can be done with entries in /etc/ppp/ppp.linkup and /etc/ppp/ppp.linkdown e.g I use: # cat /etc/ppp/ppp.linkup [... snipp ...] ! sh -c ifconfig pflog0 up ! sh -c pfctl -e ! sh -c pfctl -f /etc/pf.conf ! sh -c /usr/local/bin/svc -u /service/pflogd [... snipp ...] and # cat /etc/ppp/ppp.linkdown [... snipp ...] ! sh -c /usr/local/bin/svc -d /service/pflogd ! sh -c /usr/local/bin/svc -t /service/pflogd ! sh -c pfctl -d [... snipp ...] I use djbs daemontools to start and stop pflogd, but I think you can also use ! sh -c /sbin/pflogd and ! sh -c pkill pflogd HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Loading PF after ppp
On Wed, Sep 26, 2007 at 05:54:58PM +0200, Amit Finkler wrote: I connect to the internet using pppoe(8) by putting the following line in /etc/rc.local.conf: ppp -ddial pppoe However, the pf rules load before I have an internet connection and therefore pfctl reports an error. How does one load PF after ppp? By starting ppp from hostname.tun0...
