Hi folks, I updated my 5.2.1 box to current today und changed from the PF-port to the new base-PF. Everything went fine, but when I rebooted the box, it hangs when samba was starting up. The problem was, that samba could not bind to its ports due to the default pf rulesset being loaded (only ssh-in is allowed). The problem originates in the fact, that I have a DSl modem and pppd connects on startup. Because I get only a dynamic IP, I use such statements in my ruleset : pass in on $tun_if inet proto tcp from any to ($tun_if) port 22 flags S/SA modulate state label The ($tun_if) gives me the current IP of the tun0-interface and this is often used by users with dynamic Ips. The problem is, that ppp is not fast enough for PF. PF is starting up before ppp gets an IP for tun0, so loading the ruleset fails. While using the PF-port, the time lag between starting ppp and PF was big enough, as PF was started whith the other third-party tools. With PF now in the basesystem, it is too fast for ppp. Inserting a "sleep 10" in the pf_start()-function in /etc/rc.d/pf solved my problem, as PF waits 10 seconds before loading the ruleset and ppp now gets the dynamic IP in time. Could we add the "sleep 10" or maybe a "sleep 5" in this function? I'm sure when current become 5.3 I'll be not alone with my problem. Greets, Jonathan WeissReceived on Sun Jun 06 2004 - 01:46:15 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:56 UTC