Date: Tue, 09 Dec 2008 13:48:02 -0800 From: Mark Atkinson <atkin901@yahoo.com> To: freebsd-pf@freebsd.org Subject: Re: Personal firewall with two interfaces Message-ID: <ghmp2m$9hl$1@ger.gmane.org> References: <493E82B3.5090002@eskk.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
Leslie Jensen wrote: > I usually make a change pf.conf where I change > > # ext_if="em0" > ext_if="rum0" > > or vice versa. > > My problem is that if the "wrong" interface is active in pf.conf > there'll be some waiting for ntpd sshd and bsdstats to time out. > > I would like to configure pf so that both interfaces are treathed the > same, only one active interface at the time, but to remove the need for > a manual change of pf.conf at startup. > > Any hints are appreciated. You should leave your pf.conf alone and rename your interfaces (based on which one is inserted -- maybe via devd). You could also code something up in like /etc/rc.d/early.sh to figure out which one is available and rename it. for example: ifconfig msk0 name external ifconfig xl0 name internal ifconfig sk0 name wireless and just leave ext_if="external" in your pf.conf. -- Mark Atkinson atkin901@yahoo.com (!wired)?(coffee++):(wired);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ghmp2m$9hl$1>