pf starts too early
Maxim Khitrov
mkhitrov at gmail.com
Thu Oct 15 21:06:18 UTC 2009
On Thu, Oct 15, 2009 at 5:17 PM, Michal <ml at infosec.pl> wrote:
> Hello,
>
> I'm using pf on FreeBSD 8.0-RC1. My wlan0-ath0 card is set up via
> wpa_supplicant.conf and rc.conf (ifconfig_wlan0="WPA DHCP"). pf also starts
> via rc.conf
>
> Problem is that pf cannot start during the system boot because it tries to
> load rules before my network card gets authenticated and connected. Since
> wlan0 doesn't have IP address at the time I get a lot of:
>
> no IP address found for wlan0
> /etc/pf.conf:151: could not parse host specification
> no IP address found for wlan0
> pfctl: Syntax error in config file: pf rules not loaded
> pf enabled
>
> It fills up my dmesg output. Loading rules by hand works perfectly fine.
>
> Any ideas what is wrong or which part of the system should I tweak?
>
> Michal
See the post I made a few weeks ago on this topic:
http://lists.freebsd.org/pipermail/freebsd-pf/2009-September/005329.html
You may need to tweak the REQUIRE line in /etc/rc.d/pf for your needs,
but otherwise this solution has been working for me without any
problems. Just need to be careful not to revert changes when running
mergemaster.
- Max
More information about the freebsd-pf
mailing list