pf seems to start late?
Jeff Penn
jeff+list.news at jrpenn.demon.co.uk
Thu Mar 17 08:30:59 PST 2005
Volodymyr Kostyrko <arcade at ints.net>:
>>>>Shouldn't PF start right after the interfaces come up? [...]
>
> Guys, didn't you forgot that pf sometimes uses resolver to lookup
> hostnames present in pf.conf? What happens if it should resole hostnames
> with local named?
I noticed that openbsd does a two-stage startup if pf is enabled.
Rc initially defines rules for lo0, & ssh/dns/icmp/ etc from any
to any (also NFS if enabled). After the network is started these rules
are replaced by loading pf.conf.
Jeff
More information about the freebsd-questions
mailing list