Date: Fri, 4 Mar 2005 19:30:41 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: freebsd-questions@freebsd.org Subject: Re: pf seems to start late? Message-ID: <20050304173041.GA1314@orion.daedalusnetworks.priv> In-Reply-To: <20050304164136.GA1684@orion.daedalusnetworks.priv> References: <6.2.0.14.2.20050304062626.00aa8468@localhost> <20050304164136.GA1684@orion.daedalusnetworks.priv>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2005-03-04 18:41, Giorgos Keramidas <keramida@freebsd.org> wrote: >On 2005-03-04 06:29, "J.D. Bronson" <jbronson@wixb.com> wrote: >> Mar 4 06:15:11 sole kernel: Starting syslogd. >> Mar 4 06:15:11 sole kernel: Mar 4 06:15:11 sole syslogd: kernel boot file is /boot/kernel/kernel >> Mar 4 06:15:11 sole kernel: Starting named. >> Mar 4 06:15:12 sole kernel: Setting date via ntp. >> Mar 4 06:15:15 sole kernel: 4 Mar 06:15:15 ntpdate[345]: step time server x.x.x.x offset -0.534182 sec >> Mar 4 06:15:15 sole kernel: Clearing /tmp. >> Mar 4 06:15:16 sole kernel: ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib >> Mar 4 06:15:16 sole kernel: a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout >> Mar 4 06:15:16 sole kernel: Enabling pflogd >> Mar 4 06:15:16 sole kernel: . >> Mar 4 06:15:16 sole kernel: Mar 4 06:15:16 sole kernel: pflog0: promiscuous mode enabled >> Mar 4 06:15:16 sole kernel: Enabling pf. >> Mar 4 06:15:16 sole kernel: pf enabled >> >> Shouldn't PF start right after the interfaces come up? [...] > [...] > Can you try the following patch to your /etc/rc.d/pf script and tell me > if it works for you or if it breaks anything important? > > %%% > Index: pf > =================================================================== > RCS file: /home/ncvs/src/etc/rc.d/pf,v > retrieving revision 1.6 > diff -u -r1.6 pf > --- pf 25 Oct 2004 08:12:28 -0000 1.6 > +++ pf 4 Mar 2005 16:39:03 -0000 > @@ -5,7 +5,7 @@ > > # PROVIDE: pf > # REQUIRE: root mountcritlocal netif pflog > -# BEFORE: DAEMON LOGIN > +# BEFORE: netif > # KEYWORD: nojail > > . /etc/rc.subr > Index: pflog > =================================================================== > RCS file: /home/ncvs/src/etc/rc.d/pflog,v > retrieving revision 1.5 > diff -u -r1.5 pflog > --- pflog 16 Jan 2005 03:12:03 -0000 1.5 > +++ pflog 4 Mar 2005 16:40:21 -0000 > @@ -4,7 +4,7 @@ > # > > # PROVIDE: pflog > -# REQUIRE: root mountcritlocal netif cleanvar > +# REQUIRE: root mountcritlocal cleanvar > # BEFORE: DAEMON LOGIN > # KEYWORD: nojail > > %%% Just in case anyone else tries using this, please try a version that doesn't introduce a circular dependency of pf -> netif -> pf: %%% Index: pf =================================================================== RCS file: /home/ncvs/src/etc/rc.d/pf,v retrieving revision 1.6 diff -u -r1.6 pf --- pf 25 Oct 2004 08:12:28 -0000 1.6 +++ pf 4 Mar 2005 17:07:57 -0000 @@ -4,8 +4,8 @@ # # PROVIDE: pf -# REQUIRE: root mountcritlocal netif pflog -# BEFORE: DAEMON LOGIN +# REQUIRE: root mountcritlocal pflog +# BEFORE: netif # KEYWORD: nojail . /etc/rc.subr Index: pflog =================================================================== RCS file: /home/ncvs/src/etc/rc.d/pflog,v retrieving revision 1.5 diff -u -r1.5 pflog --- pflog 16 Jan 2005 03:12:03 -0000 1.5 +++ pflog 4 Mar 2005 17:09:37 -0000 @@ -4,8 +4,8 @@ # # PROVIDE: pflog -# REQUIRE: root mountcritlocal netif cleanvar -# BEFORE: DAEMON LOGIN +# REQUIRE: root mountcritlocal cleanvar +# BEFORE: DAEMON LOGIN pf # KEYWORD: nojail . /etc/rc.subr %%%
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050304173041.GA1314>