On Wed, Sep 26, 2007 at 05:54:58PM +0200, Amit Finkler wrote: > I connect to the internet using pppoe(8) by putting the following line > in /etc/rc.local.conf: > > ppp -ddial pppoe > > However, the pf rules load before I have an internet connection and > therefore pfctl reports an error. > > How does one load PF after ppp? Hi Amit.
I guess pf complains about the non-existant interface. Starting and stopping pf can be done with entries in /etc/ppp/ppp.linkup and /etc/ppp/ppp.linkdown e.g I use: # cat /etc/ppp/ppp.linkup [... snipp ...] ! sh -c "ifconfig pflog0 up" ! sh -c "pfctl -e" ! sh -c "pfctl -f /etc/pf.conf" ! sh -c "/usr/local/bin/svc -u /service/pflogd" [... snipp ...] and # cat /etc/ppp/ppp.linkdown [... snipp ...] ! sh -c "/usr/local/bin/svc -d /service/pflogd" ! sh -c "/usr/local/bin/svc -t /service/pflogd" ! sh -c "pfctl -d" [... snipp ...] I use djbs daemontools to start and stop pflogd, but I think you can also use ! sh -c "/sbin/pflogd" and ! sh -c "pkill pflogd" HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
