On Tue, Feb 01, 2000 at 10:22:42PM +0100, Arjan de Vet wrote:
> - fresh reboot, xl0 gets its IP address via DHCP and ipf filter rules
> get loaded with a small script:
>
> # flush all rules
> ipf -D
> # enable ipmon
> ipmon -s &
> # load rules
> ipf -f /etc/ipf.conf
> # enable
> ipf -E
>
> W.r.t. filter rules for the tun0 interface:
>
> [...]
> # TUNNEL
> pass out quick on tun0
> pass in quick on tun0
> [...]
>
> Cable modem connection works, filter rules work as well.
>
> - Now I dialin to my company via /usr/sbin/ppp which uses the tun0
> device. Connection and PPP negotiations succeeds succesfully but
> there's no IP traffic possible. Only after executing my ipf.reload
> script:
>
If you do not reload the filter rules, but look at what ipfstat says
about rule hits, you might get a clue on where things are blocked
(if at all).
I think what happens is that the tun0 device is loaded as kld when
you first run ppp. And in fact that the initial ipf loading gives errors
about the fact that there is no such device as tun0.
Reloading the filter rules fixes that and since tun0 is loaded and stays
loaded, you'll never encounter any problems again.
Try kldload if_tun before loading the rules at boot time and sees
if the problem goes away.
If this doesn't solve it, walk over to my room tomorrow and we'll
look further.
-Guido
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
