Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander2018-02-04 17:12:57
FreeBSD
Alexander, 2018-02-04 17:12:57

PF starts before interface, how to solve?

Hello.
There is an OpenVPN server on FreeBSD protected by PF. There is a rule regarding the tun0 interface of the OpenVPN server. The catch is that PF loads before OpenVPN, does not see the tun0 interface, and therefore does not apply the rules, because, in its opinion, there is an error in the rules file.
Is there an elegant way to solve this problem? You can, of course, run the packet filter last, but you don’t really want to.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexander, 2018-02-04
@Adorne

Figured it out myself. Where PF converts an interface name to its IP address, it needs to parenthesize the construct so that it treats it as dynamic. In my case, there was an interface network, inside the rule it looks like this:
Rules where the interface itself appears, and not its address, are ignored by PF, even if such an interface does not exist.

Similar questions
D
denism3002018-08-02 19:23:29
How to create pool zfs? 1Reply
L
liks2016-03-23 07:36:03
Gateway in a virtual machine? 1Reply
T
tema862016-03-27 07:40:12
Is it allowed to use freebsd logos for my projects? 1Reply
A
anton13ms2020-07-31 10:08:39
How to install programs on FreeBSD? 2Reply
D
d222014-01-20 13:19:27
How to add a new user mailbox to qmail under freebsd 7? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question