pf fails to start
Scott Ullrich
sullrich at gmail.com
Thu Sep 7 08:45:05 PDT 2006
On 9/7/06, KES <kes-kes at yandex.ru> wrote:
> Hello
>
> pf fails to start if interface doesn't exist or IP address not assigned
>
> I have troubles with tun0 (pppoe connection)
>
> Look at the next picture:
>
> 1) power fail,
> 2) FreeBSD starting,
> 3) do pppoe connection to provider
> 3.a) pppoe fails (ISP has some problem)
> 4) pf starts and fails =((
> 5) FreeBSD falls into an infinite loop (I waited 15 minutes and then pressed CTRL+C)
>
> Copy of console messages:
> pflog promiscios
> pf enabled
> pflog: here some message (I don't remember)
>
> some experiments:
>
> kes# ps ax|grep ppp
> 357 ?? Ss 0:18.88 /usr/sbin/ppp -ddial -unit1 adsl
> 373 ?? Rs 46:53.56 /usr/sbin/ppp -dedicated -quiet -unit0 leased
> 47226 p2 DL+ 0:00.00 grep ppp
>
> #KILL pppoe connection
> kes# kill -9 373
> kes# kill -9 373
> 373: No such process
>
> #Reload pf.conf
> kes# pfctl -f /etc/pf.conf
> no IP address found for tun0
> /etc/pf.conf:48: could not parse host specification
> no IP address found for tun0
> /etc/pf.conf:66: could not parse host specification
> no IP address found for tun0
> /etc/pf.conf:100: could not parse host specification
> no IP address found for tun0
> /etc/pf.conf:101: could not parse host specification
> pfctl: Syntax error in config file: pf rules not loaded
>
> #start pppoe
> kes# /usr/sbin/ppp -dedicated -quiet -unit0 leased
> kes# pfctl -f /etc/pf.conf
>
> #no errors here.
> kes#
>
> So I have no "Syntax error in config file"
>
> To the author of pf:
> You must change the behavior of pf like ipfw does.
> ipfw only gives warning messages in situations like this.

Please share your entire pf rules file. There are ways to work around
this. Most notably you can wrap tun0 around () and PF will silently
ignore the item until the interface is actually up and running.
Scott
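
The parenthesized form mentioned in the reply above, as an added pf.conf fragment that is not part of the original thread. Only tun0 comes from the messages; the macros, the internal interface fxp0, and the rules themselves are constructed for illustration.

```conf
# Constructed example: macros, fxp0 and all rules are assumptions.
ext_if = "tun0"     # PPPoE tunnel, may have no address at boot
int_if = "fxp0"     # hypothetical internal NIC with a static address

# --- Form that breaks when tun0 has no address -----------------------
# A bare interface name used as an address is resolved once, when
# pfctl parses the file. With no address on tun0 the parse fails with
# "no IP address found for tun0" and the whole ruleset is rejected
# ("pf rules not loaded"), so no filtering policy is in place.
#
# nat on $ext_if inet from $int_if:network to any -> $ext_if
# pass in on $ext_if inet proto tcp from any to $ext_if port 22 keep state

# --- Form that loads regardless of tun0's state ----------------------
# ($ext_if) tells pf to look up the interface's address at run time and
# to follow changes, so the ruleset loads before ppp brings tun0 up and
# the rules take effect once an address is assigned.
nat on $ext_if inet from $int_if:network to any -> ($ext_if)

block in log on $ext_if all
pass in on $ext_if inet proto tcp from any to ($ext_if) port 22 keep state
pass out on $ext_if inet all keep state
```

Running `pfctl -nf /etc/pf.conf` parses the file without loading it, which lets the ruleset be checked while tun0 is down.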