tun devices and firewall

Tim Pushor timp at crossthread.com
Sat Mar 6 22:09:12 PST 2004


Hi all,

I am building a new firewall based on 5.2.1-RELEASE. I am using the 
OpenBSD port of PF, but I think that my question is fairly generic.

I have remote systems that sort of VPN through this one using 
ppp-over-ssh. This uses tun devices. In the past, when I had configured 
X number of devices in the kernel, those interfaces were always present 
in the system, and I think I could firewall based on them.

Now in FreeBSD 5, the interfaces (or entries in /dev) don't exist until 
they are actually used (I think, I am having some trouble getting ppp 
working, but I think I have another problem).

I had to add rules to enable traffic over the ngx devices as well for 
some other things I'm running, and I assume I'll have to do the same for 
the tun devices. Does anyone have any advice as to what I can do? pf 
doesn't know about the tun devices at boot time, so I can't use them in 
the ruleset.

Thanks,
Tim

(PS Please CC: me as I am not subscribed to the list - Thanks)


More information about the freebsd-questions mailing list