My road warrior has a PPPoE external connection and a tunnel connection, established with OpenVPN, which would encrypt the packets from some special devices.
It works so well so far with the help with these rules in /etc/pf.conf: pass in quick on $int_if from $arch to !<internal_addresses> route-to $tun_if pass in quick on $int_if from $raspbmc to <external_addresses> route-to $tun_if pass out quick on $tun_if from any to any nat-to ($tun_if) However, every time when I reboot the machine, pf fails to load the rules because the tunnel is not ready. The tunnel generally would take some minutes to establish. Is it possible to defer the loading of pf rules until all interfaces are ready? I also tried to parenthesize $tun_if, but it failed due to syntax errors. pass in quick on $int_if from $arch to !<internal_addresses> route-to ($tun_if) pass in quick on $int_if from $raspbmc to <external_addresses> route-to ($tun_if) pass out quick on $tun_if from any to any nat-to ($tun_if) Best regards and thanks, Zhi-Qiang Lei
