Subject: Re: pf doesn't start normally anymore
To: Mipam <mipam@ibb.net>
From: Peter Postma <peter@pointless.nl>
List: tech-security
Date: 08/11/2005 19:07:10

On Thu, Aug 11, 2005 at 06:41:23PM +0200, Mipam wrote:
> Hi Peter,
> 
> Thanks for your reply.
> Here is my ruleset, very simple one btw. :-)
> I hope you'll find what might be the problem.

I think that I know what's wrong. When /etc/rc.d/pf is executed, wm0
doesn't have an IP address yet, so the rule parsing fails here:
"from any to $ext_if". $ext_if should resolve to IP address(es), but wm0
doesn't have an address yet, so this fails. You'll probably see the message:
"no IP address found for wm0".

So, we should start pf after the network is up, then everything should
be fine. Please try the attached patch.

-- 
Peter Postma


Index: pf
===================================================================
RCS file: /cvsroot/src/etc/rc.d/pf,v
retrieving revision 1.5
diff -u -u -r1.5 pf
--- pf	10 Aug 2005 13:52:05 -0000	1.5
+++ pf	11 Aug 2005 17:05:26 -0000
@@ -4,8 +4,8 @@
 #
 
 # PROVIDE: pf
-# REQUIRE: root beforenetlkm mountcritlocal tty
-# BEFORE: network
+# REQUIRE: root beforenetlkm mountcritlocal tty network dhclient
+# BEFORE: NETWORKING
 
 $_rc_subr_loaded . /etc/rc.subr
 
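Review bot: the new REQUIRE line makes pf depend on `network` and `dhclient`, so the interfaces are configured and DHCP has completed before any ruleset is loaded; the old `BEFORE: network` ordering guaranteed the filter was in place before wm0 came up, and this change trades that for a window of unfiltered traffic during boot. That trade-off should be spelled out in the commit message, and it is worth considering whether the parse failure described in the cover note (rules that need wm0's address at load time) can be addressed while keeping pf ahead of `network`, for example by loading an address-independent ruleset early and reloading the full one once `dhclient` has run. Also, `BEFORE: NETWORKING` only orders pf relative to the NETWORKING placeholder; anything that REQUIREs `network` but not `NETWORKING` may still start ahead of pf.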

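To make the effect of the header change concrete, here is an added example (not code from the thread or from NetBSD) that re-implements the rcorder(8) ordering rules for the PROVIDE, REQUIRE and BEFORE keywords and runs them over a small constructed set of rc.d headers. Only the two pf headers are taken from the patch above; the other scripts and their dependencies are simplified assumptions made for this illustration, and the ordering is a level-by-level topological sort rather than rcorder's exact algorithm.

```python
"""Toy rcorder(8)-style ordering for rc.d script headers.

Added example, not from the original thread or from NetBSD. It models only
the PROVIDE/REQUIRE/BEFORE keywords, which is enough to show where pf lands
relative to network and dhclient before and after the proposed patch.
"""
import re
from collections import defaultdict

# The two pf headers from the patch (old: before network; new: after it).
OLD_PF_HEADER = """
# PROVIDE: pf
# REQUIRE: root beforenetlkm mountcritlocal tty
# BEFORE: network
"""

NEW_PF_HEADER = """
# PROVIDE: pf
# REQUIRE: root beforenetlkm mountcritlocal tty network dhclient
# BEFORE: NETWORKING
"""

# Constructed, simplified headers for the other scripts in the boot graph.
# These are assumptions for the example, not NetBSD's real /etc/rc.d files.
OTHER_SCRIPTS = {
    "root": "# PROVIDE: root\n",
    "beforenetlkm": "# PROVIDE: beforenetlkm\n# REQUIRE: root\n",
    "mountcritlocal": "# PROVIDE: mountcritlocal\n# REQUIRE: root\n",
    "tty": "# PROVIDE: tty\n# REQUIRE: mountcritlocal\n",
    "network": "# PROVIDE: network\n# REQUIRE: root mountcritlocal\n",
    "dhclient": ("# PROVIDE: dhclient\n# REQUIRE: network mountcritlocal\n"
                 "# BEFORE: NETWORKING\n"),
    "NETWORKING": "# PROVIDE: NETWORKING\n# REQUIRE: network dhclient\n",
}

KEYWORD_RE = re.compile(r"^#\s*(PROVIDE|REQUIRE|BEFORE):\s*(.*)$", re.M)


def parse_header(text):
    """Collect the space-separated values of each rcorder keyword."""
    info = {"PROVIDE": [], "REQUIRE": [], "BEFORE": []}
    for key, rest in KEYWORD_RE.findall(text):
        info[key].extend(rest.split())
    return info


def rcorder(scripts):
    """Return script names in start order (scripts: name -> header text).

    REQUIRE: X  means every script providing X runs before this one.
    BEFORE: X   means this script runs before every script providing X.
    """
    headers = {name: parse_header(text) for name, text in scripts.items()}
    providers = defaultdict(list)
    for name, hdr in headers.items():
        for provided in hdr["PROVIDE"]:
            providers[provided].append(name)

    # deps[s] = set of scripts that must have run before s.
    deps = {name: set() for name in scripts}
    for name, hdr in headers.items():
        for req in hdr["REQUIRE"]:
            for provider in providers.get(req, []):
                if provider != name:
                    deps[name].add(provider)
        for bef in hdr["BEFORE"]:
            for provider in providers.get(bef, []):
                if provider != name:
                    deps[provider].add(name)

    order, remaining = [], set(scripts)
    while remaining:
        ready = sorted(n for n in remaining if not deps[n] & remaining)
        if not ready:
            raise ValueError("dependency cycle among: " + ", ".join(sorted(remaining)))
        order.extend(ready)
        remaining -= set(ready)
    return order


def boot_order(pf_header):
    """Order the constructed boot graph with the given pf header."""
    return rcorder(dict(OTHER_SCRIPTS, pf=pf_header))


def starts_before(order, first, second):
    return order.index(first) < order.index(second)


if __name__ == "__main__":
    for label, hdr in (("old", OLD_PF_HEADER), ("new", NEW_PF_HEADER)):
        order = boot_order(hdr)
        print(f"{label}: {' -> '.join(order)}")
        if starts_before(order, "network", "pf"):
            print("  note: interfaces are configured before pf loads its rules")
```

Running it prints the old order with pf ahead of network and the new order with network and dhclient both ahead of pf, which is exactly the window the patch introduces: the interface has an address (so the ruleset now parses) but nothing is filtered until pf starts.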