Getting tables to work in PF

David DeSimone ddesimone at verio.net
Mon Nov 3 23:31:59 UTC 2014 

Also I should have looked further to see this line:

    set loginterface egress# Can't remember what this does

I think that statement needs a real interface name, which "egress" probably isn't.


-----Original Message-----
From: David DeSimone
Sent: Monday, November 03, 2014 5:13 PM
To: 'Dave Horsfall'
Cc: FreeBSD PF List
Subject: RE: Getting tables to work in PF

The message " pfctl: DIOCSETSTATUSIF" indicates that pfctl is bombing out before it actually loads the rules into the kernel.  It's a rather unhelpful message, since it does not point out the source of the problem, though.

A little web searching turned up that most likely your pf.conf references a nonexistent interface name.  Looking through your pf.conf, either your "fxp0" interface doesn't exist, or more likely it's this line:

    set skip on lo

I'm pretty sure the loopback name should be "lo0" instead of just "lo".


-----Original Message-----
From: owner-freebsd-pf at freebsd.org [mailto:owner-freebsd-pf at freebsd.org] On Behalf Of Dave Horsfall
Sent: Monday, November 03, 2014 4:31 PM
To: FreeBSD PF List
Subject: Re: Getting tables to work in PF

On Mon, 3 Nov 2014, Doug Hardie wrote:

> What happens when you run:  pfctl -f /etc/pf.conf

aneurin# pfctl -f /etc/pf.conf
No ALTQ support in kernel
ALTQ related functions disabled
pfctl: DIOCSETSTATUSIF

> I suspect you have something in /etc/rc.conf giving a different file for
> the default pf config file.  Your pf.conf file has a bunch of rules,
> none of which are shown in the pfctl output.

That's what I thought, but:

a) it flags syntax errors.

b) it's reading the /etc/spammers file.

--
Dave Horsfall (VK2KFU)  "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're there)
_______________________________________________
freebsd-pf at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, distribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio Inc. makes no warranty that this email is error or virus free. Thank you.

More information about the freebsd-pf mailing list