On 3/9/09 2:05 AM, J.C. Roberts wrote:
On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga
<hilco.wijbe...@gmail.com>  wrote:

I have pf running on my firewall box and I'm experiencing some strange
behaviour. After several hours (this may even be 24 hours) of
functioning normally, pf seems to reload its default rules which means
that from that point on all traffic is blocked. A simple "pfctl -f
/etc/pf.conf" fixes the problem but it is very annoying.

ummm... no. Think about it for a moment. The default rules *are* stored
in /etc/pf.conf --the very same file you are manually reloading, so
it's obviously not magically reloading the "default rules" as you claim.

What kind of connection are you running?
Is your public IP address static or dynamic?
More importantly, are you running some sort of
tunneling/authentication such as PPPoE or similar?

In short, my first guess is your IP is changing every 24 hours or so due
to your service provider using dynamic addressing (and trying to
prevent you from having a particular IP for too long). If I'm right,
then your problem is that pf is holding on to the old rules for your
old IP address even though your IP had changed. In other words, you
have a configuration error.


Interesting, that brings up a question for me... what do we do in this case? My ISP seems to be content to give the same IP back over and over again. If they did not, is there something I can do besides monitor my $ext_if and reload the rules on IP address change?

Just curious.
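For the situation discussed above (pf rules that still carry the old external address after the ISP hands out a new one), here is an added pf.conf example. It is not from any participant in this thread; the interface names, the LAN prefix and the allowed service are assumptions chosen for illustration. It shows the weak form next to the corrected one: an interface name written in an address position, such as `-> $ext_if` or `to $ext_if`, is expanded to the interface's address when the ruleset is loaded, whereas the same name in parentheses, `($ext_if)`, is resolved each time the rule is evaluated, so the rule follows the interface's current address without a reload.

```pf
# Added example, not from the thread. Interface names and the LAN prefix
# are assumed for illustration; substitute your own.
ext_if = "pppoe0"
int_if = "em1"
lan    = "192.168.1.0/24"

set skip on lo

# Translation rules must precede filter rules in pf.conf.
#
# WEAK (kept commented out): $ext_if in an address position is replaced
# by the address the interface has at load time. After the ISP assigns a
# new address the loaded rules still name the old one, so nothing matches
# the pass rules below and "block all" swallows all traffic until
# "pfctl -f /etc/pf.conf" is run again.
#nat on $ext_if from $lan to any -> $ext_if

# FIXED: in parentheses the interface name is resolved at rule
# evaluation time and tracks address changes. ($ext_if:0) selects only
# the first address, which is what you want on a single-address PPPoE
# link; plain ($ext_if) would also pull in IPv6 and alias addresses.
nat on $ext_if from $lan to any -> ($ext_if:0)

block all

# Interface-position uses of $ext_if ("on $ext_if") are fine either way;
# only address-position uses need the parentheses.
pass in  on $ext_if proto tcp from any to ($ext_if) port 22 keep state
pass out on $ext_if from ($ext_if) to any keep state
pass in  on $int_if from $lan to any keep state
pass out on $int_if from any to $lan
```

Check the file with `pfctl -nf /etc/pf.conf` before loading it. Loading each variant and looking at `pfctl -s rules` makes the difference visible: the weak form prints the literal address that was current at load time, the corrected form prints the interface name in parentheses.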
