Subject: Re: ipfirewall and rc.d scripts -- solution
To: None <tech-security@netbsd.org>
From: Michal Stepien <prezi77@wp.pl>
List: tech-security
Date: 07/13/2005 13:59:33 
I would like to apologize for my spam.
It seems that ipf do not create ,,valid'' rules
for interfaces which do not yet exist.
So if someone use eg. "block in on tun0 from any to any"
and tun0 does not exist such rule does not work.

This is why restarting of ipfilter and ipnat was necessary.