Hi list,
when i do a
# pfctl -f /etc/pf.conf
on my diskless (nfsroot) 4.3-stable machine, the machine hangs and needs
a hard reset.
The interface used for nfsroot is xl0 and i have
set skip on {lo0 xl0}
in my pf.conf. The machine boots and runs fine with the ruleset enabled,
but as soon as i reload the ruleset, even without making any change, the
machine hangs.
If i copy pf.conf to /tmp (which is a ramdisk) and reload the ruleset
from there, it works fine.
So it *seems* that, when reloading a ruleset, there is a short moment
where the packet filter blocks everything before loading the new
ruleset, making it impossible to read /etc/pf.conf over NFS.
Is my assumption true? Should this be considered a bug?
I remember that this worked with an older (maybe 3.9 or 4.0) version of
OpenBSD.
Kind regards,
Heinrich Rebehn
University of Bremen
Physics / Electrical and Electronics Engineering
- Department of Telecommunications -
Phone : +49/421/218-4664
Fax : -3341
