On 2013/02/07 08:29, sven falempin wrote:
> Hello,
>
> I run OpenBSD 5.2 GENERIC#278 i386 for a while at home (wifi/router), and
> since the release no reboot nor problem.
> The Box is connected to a cable modem router that gives a public ip address
> over dhcp or a local one if the line is cut.
>
> So sometimes my egress is 192.168.100.1 sometimes it is a public IP.
>
> I use the pf rules:
> match out on ext from 192.168.4.0/24 to !(self) nat-to ext
> and
> # cat /etc/hostname.vr0
> dhcp group ext
>
> This morning i had to reload the rules *manually* because after a lease
> change the 'ext' was style the 'wait for connection' IP address, not the
> new one :'( .
>
> 1360148793.967298 00:1d:b8:24:c0:40 64:10:f2:3f:eb:dd 0800 74:
> 192.168.100.1 > 68.180.206.184: icmp: echo request
> like, they re gonna be a reply !
>
> Afaik the dhcp client script is or will be disabled,
>
> can i do something to speed up the process of re-associating ext to the
> good IP address when the box get a new lease ?
>From pf.conf(5):
Surrounding the interface name (and optional modifiers) in
parentheses changes this behaviour. When the interface name is
surrounded by parentheses, the rule is automatically updated
whenever the interface changes its address. The ruleset does not
need to be reloaded. This is especially useful with nat.
You may need to use (vr0) rather than (ext), not sure.
