Date: Wed, 19 Jun 2002 16:57:21 +1000 From: Peter Jeremy <peter.jeremy@alcatel.com.au> To: freebsd-stable@freebsd.org Subject: IPFW rules on tunX devices Message-ID: <20020619165721.B438@gsmx07.alcatel.com.au>
next in thread | raw e-mail | index | archive | help
I have a situation where I want to have some ipfw rules permanently
associated with tun0. In 4.5-RELEASE, I just included lines like the
following in the rules file specified as firewall_type in rc.conf:
add 11010 allow tcp from 10.2.3.4 to 10.2.3.5 keep-state in recv tun0 setup
In 4.6-RELEASE, the tun devices are created on demand and so tun0
doesn't exist don't exist when the firewall rules are added. Other
than starting ppp(8), how do I create tun0? I thought
ifconfig tun0 create
would work, but that returns:
ifconfig: SIOCIFCREATE: Invalid argument
Any suggestions?
As background: With 4.5-RELEASE, I was originally creating/deleting
the rules using ppp.link{up,down}, but this meant that the dynamic
rules were deleted (and hence any sessions using the PPP link were
effectively destroyed) when the link dropped. Since the particular
phone link was quite unreliable, this was a nuisance. By creating the
rules statically, sessions became persistent - the phone dropout
became a short glitch whilst it re-dialed.
Peter
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020619165721.B438>