Hi,

There was a thread about this quite a while back where if the
interface didn't exist pf wouldn't start.

It's probably the wrong way to do it, but my DSL connection is
controlled by a crontab script that runs every minute or so to see if
the line is up (my line is quite bad).  At the end of the script it does a
'pfctl -sr | wc -l' and if the output is > 0 then end, else pfctl -f
/etc/pf.conf

Like I said, probably a bad way to check it, but I have the same problem
where if the ppp connection is not established, pf won't load the ruleset
because tun0 doesn't exist.  At least that way when the cron job checks if
the line is up (every 2 minutes), it also checks if pf is loaded.

1) system boots up
2) cronjob runs
2a) starts ppp
2b) checks if wc -l is >0
3) system started and online with pf running

On 9/7/06, KES <[EMAIL PROTECTED]> wrote:
Hello

pf fails to start if the interface doesn't exist or an IP address is not assigned

I have troubles with tun0 (pppoe connection)

Look at the next picture:

1) power fail,
2) FreeBSD starting,
3) do pppoe connection to provider
3.a) pppoe fail (ISP has some problem)
4) pf starts and fails =((
5) FreeBSD falls into an infinite loop (I waited 15 minutes and then pressed CTRL+C)

Copy of console messages:
pflog promiscios
pf enabled
pflog: here some message (I don't remember)

some experiments:

kes# ps ax|grep ppp
  357  ??  Ss     0:18.88 /usr/sbin/ppp -ddial -unit1 adsl
  373  ??  Rs    46:53.56 /usr/sbin/ppp -dedicated -quiet -unit0 leased
47226  p2  DL+    0:00.00 grep ppp

#KILL pppoe connection
kes# kill -9  373
kes# kill -9 373
373: No such process

#Reload pf.conf
kes# pfctl -f /etc/pf.conf
no IP address found for tun0
/etc/pf.conf:48: could not parse host specification
no IP address found for tun0
/etc/pf.conf:66: could not parse host specification
no IP address found for tun0
/etc/pf.conf:100: could not parse host specification
no IP address found for tun0
/etc/pf.conf:101: could not parse host specification
pfctl: Syntax error in config file: pf rules not loaded

#start pppoe
kes#  /usr/sbin/ppp -dedicated -quiet -unit0 leased
kes# pfctl -f /etc/pf.conf

#no errors here.
kes#

So I have no "Syntax error in config file"

To the author of pf:
You must change the behavior of pf to be like ipfw.
ipfw only gives warning messages in situations like this.


 KES                          mailto:[EMAIL PROTECTED]

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
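
The cron check described in the reply above, written out as an added example (not code from either poster or from the pf project). Only `pfctl -sr` and `pfctl -f /etc/pf.conf` come from the thread; the variable names, function names, the `run` argument and the interface-address pre-check via `ifconfig` are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: cron watchdog that reloads pf once the PPP interface has an
# address. PFCTL, IFCONFIG, PF_CONF and IFACE are hypothetical overrides so
# the logic can be exercised without a live pf.
PFCTL="${PFCTL:-pfctl}"
IFCONFIG="${IFCONFIG:-ifconfig}"
PF_CONF="${PF_CONF:-/etc/pf.conf}"
IFACE="${IFACE:-tun0}"

log() { echo "pf-watchdog: $1" >&2; }

# Count loaded filter rules; prints 0 if pfctl fails or nothing is loaded.
loaded_rules() {
    "$PFCTL" -sr 2>/dev/null | wc -l | tr -d ' '
}

# True when the interface exists and has an IPv4 address, i.e. when pf.conf
# can resolve it (the "no IP address found for tun0" case yields false).
iface_has_addr() {
    "$IFCONFIG" "$IFACE" 2>/dev/null | grep -q 'inet '
}

# Returns 0 if rules are loaded (already, or after a reload),
#         1 if the interface has no address yet (retry on the next cron run),
#         2 if a reload was attempted and the ruleset is still empty.
ensure_pf() {
    if [ "$(loaded_rules)" -gt 0 ]; then return 0; fi
    if ! iface_has_addr; then
        log "$IFACE has no address; pf rules NOT loaded"
        return 1
    fi
    "$PFCTL" -f "$PF_CONF" || log "pfctl -f $PF_CONF failed"
    if [ "$(loaded_rules)" -gt 0 ]; then return 0; fi
    log "ruleset still empty after reload; no filter rules in effect"
    return 2
}

# Run the check only when invoked as: sh pf-watchdog.sh run
if [ "${1:-}" = "run" ]; then ensure_pf; fi
```

Return codes 1 and 2 both mean the host is up without its filter rules, so they are worth alerting on rather than silently retrying.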
