David Chisnall <thera...@freebsd.org> wrote:

> On 11 May 2014, at 20:23, Adrian Chadd <adr...@freebsd.org> wrote:
> 
> > On 11 May 2014 12:01, David Chisnall <thera...@freebsd.org> wrote:
> >> On 17 Apr 2014, at 09:30, Adrian Chadd <adr...@freebsd.org> wrote:
> >> 
> >>> Can't we add a devd hook to do that?
> >> 
> >> I tried doing this, but it turns out that wlan devices don't appear to 
> >> send devd LINK_UP / LINK_DOWN events.  It would be nice to have a clean 
> >> solution to this.  By default, using the stock rc scripts, my router is 
> >> currently not able to forward packets from the WiFi until I've logged into 
> >> it and manually run 'service pf restart', which is a bit crazy.  I've 
> >> hacked around it by having a script run from rc.local that sleeps for 60 
> >> seconds and then restarts a few things, but that's really, really ugly.
> >> 
> >> On closer inspection, pf doesn't fail silently, it complains about a 
> >> syntax error in my config file because wlan0 is not a known interface.
> >> 
> >> We therefore have an rc ordering problem if you want to use pf and WiFi at 
> >> the same time.  This problem was introduced some time between 9.2 and 10.0.
> > 
> > Is there a PR for this? It's the first I've heard of it.
> 
> Not yet.  This is the result of my investigations as of 10 minutes ago.  I'll 
> file a PR, if no one can tell me I'm doing something obviously wrong...

I'm not saying that you did something wrong or shouldn't file a PR,
but on my laptop (11-CURRENT) pf works as expected without service
restarts.

The relevant configuration excerpt:

ext_if  = "wlan0"
int_if  = "bge0"
jail_if = "lo1"
[...]
nat pass on $ext_if from  $int_if:network to any -> $ext_if
nat on $ext_if from $jail_if:network to any -> $ext_if

wlan0 is a wlandev on iwn0.

I'm usually using static IP addresses, but it worked with dynamic
IP addresses (and ext_if and int_if reversed) in the past.

Fabian
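
The failure discussed in this thread (pf rejecting the ruleset because wlan0 is not yet a known interface when the rules are loaded) can be detected before loading. The following is an added example, not code from any poster in the thread: a POSIX sh check that lists the interface macros in a pf.conf whose interface is absent. The function names, and the convention that interface macros end in `_if` as in the excerpt above, are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): report pf.conf interface macros whose
# interface does not exist yet. Function names are hypothetical.

# Print "macro interface" for every macro named *_if that is assigned one
# quoted interface name. Macros holding lists ("{ a b }") are skipped.
pf_if_macros() {
    sed -n 's/^[[:space:]]*\([A-Za-z_][A-Za-z0-9_]*_if\)[[:space:]]*=[[:space:]]*"\([^"[:space:]]\{1,\}\)".*$/\1 \2/p' "$1"
}

# missing_ifs FILE "if1 if2 ...": print macro=interface for each macro whose
# interface is not in the space-separated list of present interfaces.
missing_ifs() {
    present=" $2 "
    pf_if_macros "$1" | while read -r macro ifname; do
        case "$present" in
            *" $ifname "*) ;;
            *) printf '%s=%s\n' "$macro" "$ifname" ;;
        esac
    done
}

# Constructed sample: the macros from the excerpt above, checked against a
# constructed boot-time interface list in which wlan0 has not been created.
demo() {
    sample=$(mktemp /tmp/pfcheck.XXXXXX) || return 1
    cat > "$sample" <<'EOF'
ext_if  = "wlan0"
int_if  = "bge0"
jail_if = "lo1"
nat on $ext_if from $jail_if:network to any -> $ext_if
EOF
    missing_ifs "$sample" "bge0 iwn0 lo0 lo1"
    rm -f "$sample"
}

if [ "$#" -gt 0 ]; then
    # Live use on FreeBSD: ifconfig -l prints the names of current interfaces.
    out=$(missing_ifs "$1" "$(ifconfig -l)")
    [ -z "$out" ] || { echo "interfaces missing: $out" >&2; exit 1; }
else
    demo
fi
```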
