pf rules not being loaded during boot on 7.1-PRERELEASE

Bruce Cran bruce at cran.org.uk
Fri Oct 3 22:06:21 UTC 2008 

On Fri, 3 Oct 2008 04:38:24 -0700
Jeremy Chadwick <koitsu at FreeBSD.org> wrote:
> I've figured out what the problem is.  This is not good, and is
> guaranteed to bite other people.  I'd like to believe this is an
> rc-related problem, but I'm not sure how to fix it.
> 
> The problem in my case:
> 
> The physical interfaces were brought online, but were still
> technically offline (the switch and NIC PHY were taking some time to
> negotiate speed and duplex).  Boot messages:
> 

My box is headless so I didn't see the startup messages until I
attached a serial cable.  It's a similar problem in my case, but caused
because I'm firewalling an ADSL connection which uses PPP, and pf is
being enabled before PPP has configured tun0:

Setting hostname: router.draftnet.
vr0: link state changed to DOWN
dc0: link state changed to UP
dc3: link state changed to UP
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 
	inet 127.0.0.1 netmask 0xff000000 
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500 options=2808<VLAN_MTU,WOL_UCAST,WOL_MAGIC>
	ether 00:40:63:e3:d1:b7
	inet6 XXXXXXXXXX%vr0 prefixlen 64 tentative
scopeid 0x1 inet XXXXXXXXX netmask 0xffffff00 broadcast XXXXXXXXXX
	media: Ethernet autoselect (none)
	status: no carrier
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500 options=8<VLAN_MTU>
	ether 00:80:c8:c9:96:6d
	inet6 XXXXXXXXX%dc0 prefixlen 64 tentative
scopeid 0x2 inet XXXXXXXXX netmask 0xffffff00 broadcast XXXXXXXXX
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
dc3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500 options=8<VLAN_MTU>
	ether 00:80:c8:c9:96:70
	inet6 XXXXXXXXX%dc3 prefixlen 64 tentative
scopeid 0x5 inet XXXXXXXXX netmask 0xffffff00 broadcast XXXXXXXXX
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
Enabling pf.
no IP address found for tun0
/etc/pf.conf:45: could not parse host specification
pfctl: Syntax error in config file: pf rules not loaded
pf enabled
Starting PPP profile: demonLoading /lib/libalias_cuseeme.so
Loading /lib/libalias_ftp.so
Loading /lib/libalias_irc.so
Lodading /lib/libalcias_nbt.so
Load1ing /lib/libalia:s_pptp.so
Loadi ng /lib/libaliasl_skinny.so
Loadiing /lib/libalians_smedia.so
k.
no IP address  found for tun0
s
/etc/pf.conf:45t: could not parsae host specificattion
pfctl: Synetax error in con fig file: pf rulces not loaded
ahdd net default: agateway tun0
Adnditional routingg options: IP gateeway=YES.
dadd net ::ffff:0 .0.0.0: gateway t::1
add net ::0o.0.0.0: gateway  ::1
net.inet6.iDp6.forwarding: 0O -> 1
net.inet6W.ip6.accept_rtadNv: 0 -> 0

dc2: link state changed to DOWN

The messages following "link state changed to DOWN" indicate that all
the interfaces are now properly configured with IP addresses, including
the external ADSL tun0 and IPv6 gif0 interfaces.

-- 
Bruce Cran

More information about the freebsd-stable mailing list