From owner-freebsd-questions Mon Jan 14 6:14:29 2002 Delivered-To: freebsd-questions@freebsd.org Received: from sage-american.com (sage-american.com [216.122.141.44]) by hub.freebsd.org (Postfix) with ESMTP id D1E5C37B402 for ; Mon, 14 Jan 2002 06:14:25 -0800 (PST) Received: from SAGEONE (adsl-64-219-30-196.dsl.crchtx.swbell.net [64.219.30.196]) by sage-american.com (8.9.3/8.9.3) with SMTP id IAA29182 for ; Mon, 14 Jan 2002 08:14:21 -0600 (CST) Message-Id: <3.0.5.32.20020114081418.017908f8@mail.sage-american.com> X-Sender: jacks@mail.sage-american.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Mon, 14 Jan 2002 08:14:18 -0600 To: freebsd-questions@freebsd.org From: jacks@sage-american.com Subject: Boot errors loading Firewall Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I have recently created a new set of rules for IPFW using a similar approach to setting the variables in /etc/rc.firewall. Also, the server on DSL dynamic IP, is not on a static IP, and thus changes on any reconnect, such as a reboot. I'm getting a bunch of errors at boot because the FW rules cannot recognize the "host" for some reason. Thus, things don't work right (no email or FTP) because the system is still looking for the previous "oif" IP. If I stop natd, reload the same FW rules and restart natd, everything gets updated okay and then things work right again. But, why not at bootup? I thought this might be because the order of things in my rc.conf file were wrong, but "ppp" stuff is started first which should set the new "oif" before the rules load and look for that "oif" tun0 variable. But, indeed, the firewall rules load last in the config file. Wonder what causes this? Here's my variables at the beginning of my firewall: IPFIREWALL RULES #### Set defaults # set these to your outside interface network and netmask and ip # for dynamic IP address from ISP use there range oif="tun0" onet=`ifconfig tun0 | awk '/inet / {print $4}'` omask=`ifconfig tun0 | awk '/netmask / {print $6}'` oip=`ifconfig tun0 | awk '/inet / {print $2}'` ********************************************************************** Any thoughts appreciated.... Best regards, Jack L. Stone, Server Admin =================================================== Sage-American http://www.sage-american.com jacks@sage-american.com "My center is giving way, my right is in retreat; ....situation excellent! ....I shall attack!" =================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message