Date: Sat, 06 Mar 2004 23:08:53 -0700 From: Tim Pushor <timp@crossthread.com> To: questions@freebsd.org Subject: tun devices and firewall Message-ID: <404ABC75.5010903@crossthread.com>
next in thread | raw e-mail | index | archive | help
Hi all, I am building a new firewall based on 5.2.1-RELEASE. I am using the openbsd port of PF, but I think that my question is fairly generic. I have remote systems that sort of vpn through this one using ppp-over-ssh. This uses tun devices. In the past, when I had configured X number of devices in the kernel, those interfaces were always present in the system, and think I could firewall based on them. Now in FreeBSD 5, the interfaces (or entries in /dev) don't exist until they are actually used (I think, I am having some trouble getting ppp working, but I think I have another problem). I had to add rules to enable traffic over the ngx devices as well for some other things I'm running, and I assume I'll have to do the same for the tun devices. Does anyone have any advice as to what I can do? pf doesn't know about the tun devices at boot time, so I can't use them in the ruleset. Thanks, Tim (PS Please CC: me as I am not subscribed to the list - Thanks)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?404ABC75.5010903>