On 2013 Feb 07 (Thu) at 13:44:22 +0000 (+0000), Stuart Henderson wrote: :On 2013/02/07 08:29, sven falempin wrote: :> Hello, :> :> I run OpenBSD 5.2 GENERIC#278 i386 for a while at home (wifi/router), and :> since the release no reboot nor problem. :> The Box is connected to a cable modem router that gives a public ip address :> over dhcp or a local one if the line is cut. :> :> So sometimes my egress is 192.168.100.1 sometimes it is a public IP. :> :> I use the pf rules: :> match out on ext from 192.168.4.0/24 to !(self) nat-to ext :> and :> # cat /etc/hostname.vr0 :> dhcp group ext :> :> This morning i had to reload the rules *manually* because after a lease :> change the 'ext' was style the 'wait for connection' IP address, not the :> new one :'( . :> :> 1360148793.967298 00:1d:b8:24:c0:40 64:10:f2:3f:eb:dd 0800 74: :> 192.168.100.1 > 68.180.206.184: icmp: echo request :> like, they re gonna be a reply ! :> :> Afaik the dhcp client script is or will be disabled, :> :> can i do something to speed up the process of re-associating ext to the :> good IP address when the box get a new lease ? : :From pf.conf(5): :X-Spam-Status: No, hits=0.000000 required=0.900000 : : Surrounding the interface name (and optional modifiers) in : parentheses changes this behaviour. When the interface name is : surrounded by parentheses, the rule is automatically updated : whenever the interface changes its address. The ruleset does not : need to be reloaded. This is especially useful with nat. : :You may need to use (vr0) rather than (ext), not sure. :
(egress) does the right thing, btw. -- If money can't buy happiness, I guess you'll just have to rent it.
