Hello, Using parentheses around the interface (from 41.90.23.240 to *($ext_if)* port ssh modulate state) name tells pf to re-resolve the address dynamically whenever the interface is ready during the reboot giving time for pf rules to load successfully.
Regards, Kihaguru On Thu, 20 Mar 2025, 13:50 Kihaguru Gathura, <kihagurugath...@gmail.com> wrote: > Hi Jon, > > Thanks for that additional information updated. However doesnt solve the > problem. > > What works is to inform pf a bit more by updating the pf.conf file with > the following lines: > > pass in on em0 from 41.90.23.0/24 to 41.90.23.240 > pass out on em0 from 41.90.23.240 to 41.90.23.0/24 > > However looking for a solution that doesnt involve adding passes. > > Regards, > > On Thu, 20 Mar 2025, 11:23 Jon Higgs, <j...@altos.au> wrote: > >> On 20/03/25 10:23, Kihaguru Gathura wrote: >> > What are the potential scenario causing the line 26 (from 41.90.23.240 >> > to $ext_if port ssh modulate state) to present itself as syntax error >> > during restart? >> >> Looks like you might have missed an "inet". :) >> >
