From owner-freebsd-stable@FreeBSD.ORG Fri Oct 24 23:48:16 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3DF6E106566B for ; Fri, 24 Oct 2008 23:48:16 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) by mx1.freebsd.org (Postfix) with ESMTP id 8BBC38FC19 for ; Fri, 24 Oct 2008 23:48:15 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from inchoate.dons.net.au (ppp121-45-164-40.lns11.adl2.internode.on.net [121.45.164.40]) (authenticated bits=0) by cain.gsoft.com.au (8.13.8/8.13.8) with ESMTP id m9ONmCm0027334 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 25 Oct 2008 10:18:13 +1030 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: Mike Tancsa Date: Sat, 25 Oct 2008 10:18:15 +1030 User-Agent: KMail/1.9.10 References: <200810092206.02362.doconnor@gsoft.com.au> <200810212028.03184.doconnor@gsoft.com.au> <200810211400.m9LE0Zvh045489@lava.sentex.ca> In-Reply-To: <200810211400.m9LE0Zvh045489@lava.sentex.ca> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1674753.VGMvVzTOeV"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200810251018.23159.doconnor@gsoft.com.au> X-Spam-Score: -2.212 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.63 on 203.31.81.10 Cc: freebsd-stable@freebsd.org Subject: Re: Userland PPP not deleting old IP on disconnect X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Oct 2008 23:48:16 -0000 --nextPart1674753.VGMvVzTOeV Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wednesday 22 October 2008 00:30:45 Mike Tancsa wrote: > At 05:57 AM 10/21/2008, Daniel O'Connor wrote: > >I've even tried /etc/rc.d/pf restart but that doesn't fix it.. It's very > >perplexing :( > > Strange, Even doing > /sbin/pfctl -Fall -f /etc/pf.conf > > does not help as part of ppp.linkup ? Perhaps confirm its actually > working as expected. e.g. wrap a small script around it so I haven't tried it.. I did state & nat with no effect :( > pppoe: > ! /usr/local/bin/fixpf.sh > > where fixpf.sh is something like > > /sbin/pfctl -sa -v > /var/log/before.pf > /sbin/pfctl -Fall -f /etc/pf.conf > /var/log/after.pf > > and make sure the old states are actually gone and the rules make sense. I've updated to 7.1-PRE but no luck, I still get the problem. 'before.pf' has what I would expect and 'after.pf' is empty.. Hmm.. It seems that if I restart PPP it comes good but I don't really know= =20 why. ie it's as if the old IP address is still somehow associated with the= =20 tun interface until it's reopened..? Thanks for the help BTW :) =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart1674753.VGMvVzTOeV Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBJAl7H5ZPcIHs/zowRAmM2AJ9oK9O/0lfwhCh9COccdBS7cEl9AgCcDI1y Y1VbZhFwxtcDnB73+DVlGSc= =ZzAp -----END PGP SIGNATURE----- --nextPart1674753.VGMvVzTOeV--