Re: NPF and PF

To: tech-net%NetBSD.org@localhost
Subject: Re: NPF and PF
From: Hector <technet%netdog.org@localhost>
Date: Thu, 17 Dec 2020 09:08:35 -0600

* Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote, on 2020-12-17 03:13:
> One thing I didn't mention in my previous emails is that, for the Xen
> example, npf should accept to load rules with nonexistent interfaces
> (the interfaces are created later).

I have this same problem with npf and tun interfaces.

My tun interfaces are generally not created until a particular process
starts and creates them with an open() call on /dev/tunN.

npf was not happy with the non-existent interfaces being referenced
in the ruleset.

I was able to work around the problem by creating a 'ifconfig.tun0', etc,
in rc.conf, with only an 'up' action in it, which causes the interface
to be created (by /etc/rc.d/network).

Follow-Ups:
- Re: NPF and PF
  - From: Manuel Bouyer

References:
- Re: NPF and PF
  - From: Manuel Bouyer
- Re: NPF and PF
  - From: Robert Swindells
- Re: NPF and PF
  - From: Manuel Bouyer

Prev by Date: Re: NPF and PF
Next by Date: Re: NPF and PF
Previous by Thread: Re: NPF and PF
Next by Thread: Re: NPF and PF
Indexes:

Home | Main Index | Thread Index | Old Index