https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211928
Bug ID: 211928
Summary: [pf] /etc/rc.d/pf should REQUIRE routing
Product: Base System
Version: 10.3-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: conf
Assignee: freebsd-bugs@FreeBSD.org
Reporter: r...@bytecamp.net
Created attachment 173767
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=173767&action=edit
/etc/rc.d/pf: move routing to REQUIRE
When a system with pf_enable="YES" in /etc/rc.conf uses hostnames in
/etc/pf.conf, these hostnames cannot be resolved via external nameservers
because the default route is not yet set. This results in an empty (all open)
ruleset.
Fix: move routing from BEFORE to REQUIRE.
Since r195026 already put netif back to REQUIRE, this change does not affect
the issue that the firewall should rather have been setup _before_ any network
traffic can occur.
with kind regards,
Robert Schulze
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
