On Fri, 27 Jul 2018 12:33:01 +0300 Ville Valkonen <weezeld...@gmail.com> wrote:
> On 26 July 2018 at 13:01, Thomas Huber <miracu...@gmail.com> wrote:
> > Hi misc,
> >
> > my current pf setup works fine but I face the problem, that NAT
> > does not work directly after system boot. Only when I do a
> >
> > # pfctl -f /etc/pf.conf
> >
> > after the booting things are working correctly.
> > Note: I don't make any changes to pf.conf.
>
> as Solene mentioned, it's because the interface is not ready.
>
> Maybe something like this (adapted from iked.conf manual page):
> all rules that have pppoe mentioned, append (if-bound).

I am using pf with pppoe for more than a decade on dozens of boxes and never got into a problem with NAT not working. On some crappy providers it is not unusual to wait for 10 minutes after reboot for pppoe to negotiate and get IP address. Also, sometimes pppoe link goes down and doesn't come back for hours.

None of this requires reloading of pf rules, it just waits until pppoe reconnects, box usually gets different public IP address, and after that NATs to new address.

Am I missing something?

--
Before enlightenment - chop wood, draw water.
After enlightenment - chop wood, draw water.

Marko Cupać
https://www.mimar.rs/