On Mon, 13 Feb 2006, matthew sporleder wrote:

> > What does your /etc/lkm.conf contain?
> 
> /usr/lkm/pf.o   -               -               -               -     
>          AFTERMOUNT


That appears to be part of the problem.

AFTERMOUNT is done by lkm3 rc.d script and is after pf.

The kernel modules are on /usr which is not loaded until the networking is 
all started up. But pf is ordered before the networking.

current-users: Why are the kernel modules located in /usr? It seems like 
/lkm would be better. (Disk space issue?)

You may want a file a PR so this is not forgotten.

One fix is to start pf later after mountcritremote and don't do BEFORE:
NETWORKING. But loses the value of pf_boot since it won't be enabled 
before networking.

(I attempted some reordering to use beforemountlkm but caused 
rcorder recursive issue with syslogd.)

Another fix would be to put pf module in /lkm.

I am guessing that the pf* rc.d scripts were only tested/used with pf 
built into the kernel.

 Jeremy C. Reed

p.s. I am especially glad this was noticed as I am getting ready to 
publish a book covering PF that includes documenting its use on NetBSD.