Raimo Niskanen <raimo+open...@erix.ericsson.se> writes: > Hello misc@ > > My ISP is often enough a bit slow to answer DHCP queries, > so when /etc/rc runs, after netstart, PF is configured, > and I have used the egress group in /etc/pf.conf, my ISP has > not given me a lease, so no interface belongs to that group. > > pfctl refuses to load the ruleset and my router machine doesn't work. > > I have added a delay in /etc/rc, but that feels not kosher. > > I think what I miss is an argument to dhceleased, or a configuration > parameter in dhcpleased.conf to set a longer initial lease timeout, > before going into backgrand and returning control to netstart. > > Is this a common enough problem, or should I come back with a diff? > > Cheers
having pfctl refusing to load the ruleset if you don't have your interface in 'egress' isn't expected. do you have any dns name which require resolution (and so active/functional interface first) in your /etc/pf.conf ? if yes, don't do that. if you really need it, use a table in your pf.conf, and populate it later. Thanks. -- Sebastien Marie
