Hello everybody,
I have a problem loading my firewall rules at boot time. The rules are below:
Code:
vpn_if = wg0
nat on $ext_if from $vpn_if:network to any -> ($ext_if:0)
The conflict is because the PF firewall is loaded before the VPN interface wg0 exists; it fails and no firewall rules are loaded. To avoid this issue, I reload the firewall rules once the interface is up. If somebody wants to know how to do it, I'm leaving an example:
Code:
[Interface]
Address = 10.6.0.1/24
ListenPort = 51820
PrivateKey = XXXXXXXXXXX
PostUp = pfctl -f /etc/pf.conf
Does anyone know how to do this better, without the WireGuard interface trick?
Can I change the system load order to prevent this problem?
Thanks all.