Hey List, I just finishing supping to 8-BETA3 and after a reboot I noticed that my PF rules weren't loading and hence NAT wasn't working for internal clients, not to mention no firewall :) This might not be specific to BETA3, but it's the first time I noticed it concretely. I did have a power outage last week where after a poweron I had to run pfctl -f /etc/pf.conf to get NAT working again. This was under BETA2. uname: FreeBSD cerberus.domain.local 8.0-BETA3 FreeBSD 8.0-BETA3 #1: Fri Sep 4 02:35:38 AKDT 2009 root_at_cerberus.domain.local:/usr/obj/usr/src/sys/CERBERUS amd64 The kernel is 99% stock with the only changes being the IDENT and adding PF and ALTQ specific items. rc.conf: #firewall -pf pf_enable="YES" # Set to YES to enable packet filter (pf) pf_rules="/etc/pf.conf" # rules definition file for pf pf_program="/sbin/pfctl" # where the pfctl program lives pf_flags="" # additional flags for pfctl pflog_enable="YES" # Set to YES to enable packet filter logging pflog_logfile="/var/log/pflog" # where pflogd should store the logfile pflog_program="/sbin/pflogd" # where the pflogd program lives pflog_flags="" # additional flags for pflogd pfsync_enable="NO" # Expose pf state to other hosts for syncing pfsync_syncdev="" # Interface for pfsync to work through pfsync_ifconfig="" # Additional options to ifconfig(8) for pfsync Manually running /etc/rc.d/pf start works fine and doesn't show any errors. Any further steps to troubleshoot this / check this? hardware is a atom based mobo with the onboad re0 and then a xl0 PCI card. re0 is internal facing and the xl0 is a DHCP external from my ISP. Henrik -- Henrik Hudson lists_at_rhavenn.net ----------------------------------------- "God, root, what is difference?" Pitr; UFReceived on Fri Sep 04 2009 - 15:16:49 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:54 UTC