From owner-freebsd-questions  Thu Jan 11  7:32:41 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from mx2.srv.hcvlny.cv.net (mx2.srv.hcvlny.cv.net [167.206.112.45])
	by hub.freebsd.org (Postfix) with ESMTP id 8D88637B402
	for <questions@freebsd.org>; Thu, 11 Jan 2001 07:32:23 -0800 (PST)
Received: from s1.optonline.net (s1.optonline.net [167.206.112.6])
	by mx2.srv.hcvlny.cv.net (8.10.2/8.10.2) with ESMTP id f0BFWMi14249;
	Thu, 11 Jan 2001 10:32:22 -0500 (EST)
Received: from optonline.net (ool-18be012f.dyn.optonline.net [24.190.1.47])
	by s1.optonline.net (8.10.2/8.10.2) with ESMTP id f0BFWMM25770;
	Thu, 11 Jan 2001 10:32:22 -0500 (EST)
Message-ID: <3A5DD205.2A528703@optonline.net>
Date: Thu, 11 Jan 2001 10:32:22 -0500
From: trini0 <trini0@optonline.net>
X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Marco Masotti <masotti@mclink.it>,
	FreeBSD Questions <questions@freebsd.org>
Subject: Re: IPFILTER/ipnat does not work at boot until manually syncing  with 
 ipf -y
References: <1.0.2.200101110857.9432@mclink.it>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Read the man page for rc.conf

Marco Masotti wrote:

> Hello.
>
> I've setup a firewall/gateway machine, connected via PPTP to adsl and using IPFILTER/nat to give access to the private internal Lan.
>
> Unfortunately I'm experiencing problems in getting the machine self starting on boot with all whistles and bells, because the nat functions does not not operate fine when the machine booted, UNTIL issuing by hand a ipf -y,  OR flushing/reloading the intenal lists of rules (ipnat).
>
> I've located the startup scripts in /usr/local/etc/rc.d, with the PPTP starting correctly as well as the ipnat statements being executed apparently well. Nevertheless, at every boot, I'm forced to log into the machine as root and to issue the ipf -y command manually, and only until then the internal machines can reach the Internet.
>
> Is there any suggested precednce or procedure in firing up the PPTP connection without disturbing the IPFILTER internal lists or any hint in this regard?
>
> Thank you for any help!
>
> --
> Marco
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

--

         _____________________________
         |          trini0           |
         |                           |
     / ) | Systems Administrator     |
    / /  | Network Engineer          |
   ( (   | email ==>                 |
 (((\ \> |/ )  trini0@optonline.net  |
 (\\\\ \_/ /_________________________|
  \       /
   \    _/
   /   /
  /   /





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message