On Fri, 04 Sep 2009, Collin Kreklow wrote: > On Fri, Sep 04, 2009 at 08:59:30AM -0800, Henrik Hudson wrote: > > Hey List, > > > > I just finishing supping to 8-BETA3 and after a reboot I noticed > > that my PF rules weren't loading and hence NAT wasn't working for > > internal clients, not to mention no firewall :) > > > > This might not be specific to BETA3, but it's the first time I > > noticed it concretely. I did have a power outage last week where > > after a poweron I had to run pfctl -f /etc/pf.conf to get NAT working > > again. This was under BETA2. > > At the time when the pf script runs during boot, all the network > interfaces may not be fully configured. It is likely that your pf.conf > includes rules that pf can't calculate because one or more network > interfaces are not yet configured. I had to change my pf.conf to > hard-code the IP ranges instead of using :network to get my rules to > load on boot. Also make sure your script is using (xl0) where > appropriate. It's possible. However, I'm pretty sure the ruleset worked correctly on the initial install and it's a ruleset I've used on plenty of different gateway servers with a similar hardware setup. However, I did just finish building another 8-BETA3 x64 box and it works fine, so maybe something fluky is going on with the server crash due to the power outage. I will investiage further. Thanks. Henrik -- Henrik Hudson lists_at_rhavenn.net ----------------------------------------- "God, root, what is difference?" Pitr; UFReceived on Fri Sep 04 2009 - 18:34:47 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:54 UTC