On 9/7/06, KES <[EMAIL PROTECTED]> wrote:
Hello
pf fails to start if interface doesnt exist or IP address not assigned
I have trobles with tun0 (pppeo connection)
Look at next picture:
1) power fail,
2) FreeBSD starting,
3) do pppoe connection to provider
3.a) pppoe fail (ISP has some problem)
4) pf starts and fails =((
5) FreeBSD fall to infinit loop (I have wait 15minutes and then pressCTRL+C)
Copy of console messages:
pflog promiscios
pf enabled
pflog: here some message (I don't remember)
some experements:
kes# ps ax|grep ppp
357 ?? Ss 0:18.88 /usr/sbin/ppp -ddial -unit1 adsl
373 ?? Rs 46:53.56 /usr/sbin/ppp -dedicated -quiet -unit0 leased
47226 p2 DL+ 0:00.00 grep ppp
#KILL pppoe connection
kes# kill -9 373
kes# kill -9 373
373: No such process
#Reload pf.conf
kes# pfctl -f /etc/pf.conf
no IP address found for tun0
/etc/pf.conf:48: could not parse host specification
no IP address found for tun0
/etc/pf.conf:66: could not parse host specification
no IP address found for tun0
/etc/pf.conf:100: could not parse host specification
no IP address found for tun0
/etc/pf.conf:101: could not parse host specification
pfctl: Syntax error in config file: pf rules not loaded
#start pppoe
kes# /usr/sbin/ppp -dedicated -quiet -unit0 leased
kes# pfctl -f /etc/pf.conf
#no errors here.
kes#
So I have no "Syntax error in config file"
TO authur of pf:
You must change behavior of pf like ipfw does.
ipfw only do warning messages in situations like this.
Please share your entire pf rules file. There are ways to work around
this. Most notably you can wrap tun0 around () and PF will silently
ignore the item until the interface is actually up and running.
Scott
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
