PF not loading at boot time
Doug Niven
dniven at ucsc.edu
Thu Apr 30 03:35:39 UTC 2015
I've got a PF anchor referenced in my /etc/pf.conf file here:
table <goodguys> { 111.222.0.0/16, 222.222.0.0/16 }
block in proto tcp from any to any port 22
pass in on en0 proto tcp from <goodguys> to en0 port 22 flags S/SA keep state
But while the /etc/pf.conf file loads fine manually, it does not load at boot, generating the following error in my log:
no IP address found for en0
/etc/pf.anchors/my-anchor:6: could not parse host specification
pfctl: Syntax error in config file: pf rules not loaded
I suspect this is because at the time PF loads at boot, en0 doesn't yet have an IP address or network state.
Is there any other way I might be able to write this rule to avoid this problem?
Thanks in advance,
Doug
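
One way to write the rule so that it parses before en0 has an address, as an added example that is not part of the original post. pf.conf(5) allows an interface name used as a host to be wrapped in parentheses, which makes pf track the interface's address dynamically instead of resolving it when the ruleset is loaded. The table, addresses, port and interface name are copied from the post.

```pf
# Added example, not the poster's file. Table and addresses as given in the post.
table <goodguys> { 111.222.0.0/16, 222.222.0.0/16 }

# Default-deny for SSH, unchanged from the post.
block in proto tcp from any to any port 22

# Before (from the post): "to en0" is expanded to en0's addresses at load
# time, so parsing fails if en0 has no address yet.
#   pass in on en0 proto tcp from <goodguys> to en0 port 22 flags S/SA keep state

# After: "(en0)" defers the lookup. The rule loads even when en0 has no
# address and is updated automatically when the interface gets or changes one.
pass in on en0 proto tcp from <goodguys> to (en0) port 22 flags S/SA keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which is a quick syntax check after the edit. When the load fails as in the log above, none of the rules are in effect, including the `block` on port 22.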