conf/135338: pf startup order seems broken
Alexander Kabaev
kan at FreeBSD.org
Mon Jun 8 00:10:05 UTC 2009
>Number: 135338
>Category: conf
>Synopsis: pf startup order seems broken
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jun 08 00:10:03 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Alexander Kabaev
>Release: FreeBSD 8.0-CURRENT
>Organization:
>Environment:
FreeBSD kan.dnsalias.net 8.0-CURRENT FreeBSD 8.0-CURRENT #0: Sun Jun 7 16:24:56 EDT 2009 kan at kan.dnsalias.net:/usr/download/src/sys/i386/compile/KAN i386
>Description:
I upgraded one of my machines from -current as of May 12th and noticed
the following startup scripts breakage: pfctl seems to be running before
any of the interfaces are configured and quite expectedly fails to
process some rules. If someone does not pay attention, he ends up with
completely unprotected host sitting on Internet. Filing this at Sam's
request to alert re@ about possible blocker.
<skip>
ugen2.3: <American Power Conversion> at usbus2
no IP address found for re0:network
/etc/pf_kan.conf:21:
could not parse host specification
no IP address found for re0:network
/etc/pf_kan.conf:37:
could not parse host specification
no IP address found for re0:network
/etc/pf_kan.conf:38:
could not parse host specification
pfctl:
Syntax error in config file: pf rules not loaded
pf enabled
DHCPREQUEST on vr0 to 255.255.255.255 port 67
DHCPACK from 96.145.104.1
bound to 98.217.224.113 -- renewal in 113063 seconds.
Starting Network: lo0 vr0 re0.
<skip>
>How-To-Repeat:
Reboot.
>Fix:
Do not have any yet.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list