pf not loading the rules at boot

Max Laier max at love2party.net
Sun May 7 00:49:04 UTC 2006


On Sunday 07 May 2006 01:59, Iantcho Vassilev wrote:
> I noticed such a problem:
>
> I have a 6.1 RC2 and i have in rc.conf
>
> pf_enable="YES"
> pflogd_enable="YES"
>
> but when the system boots i test with:
>
> pfctl -vs rules
>
> and there are not rules loaded.if i load them by hand there is no problem..
> then i made:
>
> rc_debug="YES"
>
> and the first thing that i saw was: when pf_enable is after pflogd_enable ;
> it is not printed(checked)..
>
> then i changed the place of pf and pflogd in the rc.conf and i saw some
> output in the /var/log/messages..
> but still the ruleset wasn`t loaded..
>
> i put pf_load="YES" >> /boot/loader.conf
> and still the ruleset is NOT loaded on boot...

What is your pf.conf like?  Do you have ALTQ in use?  Do you maybe try to use 
ALTQ on an interface that is created later on (tun0 or the like)?  What does 
"/etc/rc.d/{pf, pflog} rcvar" give you?  Does "/etc/rc.d/pf start" work after 
it failed on boot?  Try setting pf_flags="-v" to get additional error 
messages.

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20060507/7f6eb336/attachment.pgp


More information about the freebsd-stable mailing list