On Tue, Sep 24, 2002 at 11:36:48AM +0300, Martti Kuparinen wrote:
> Hi!
> 
> Could someone with a working vlan setup try the latest -current with
> ipf 3.4.29 and test if PR#16278 is still valid?

yes it's still there.
/etc/rc.d/network has a workaround, which is to call 'ipf -y' after
once network is up. But with the ipf default as "pass all", there is
a window where traffic which should be blocked is not.

A better workaround would be to change /etc/rc.d/network to create
the needed cloning interfaces, sync ipf, then continue with the
network setup.
While there it would be nice if /etc/rc.d/network stop destroyed cloning
interfaces :)

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
--