Hi,
I have a server acting as a firewall.
Some of the rules in my /etc/pf.conf had DNS names.
For example:
Code:
...
pass in quick on $int_if to smtp.isp.com port smtp
pass in quick on $int_if to pop3.isp.com port pop3
...
The problem is that when the server reboots, the rules are not loaded because pf can't resolve names at startup. As a consequence, all the traffic is blocked because of the NAT rules in the rules file. I have to manually reload the pf rules to let people access the net.
I've searched the net and forums for a solution to fix this and found a discussion that suggests using tables and putting my DNS names in the tables created.
I tried this but the problem is still here.
Does anyone have a solution/fix/workaround to let pf rules load at startup with DNS names in the rules file?
I read that pf is loaded before named, which is why it can't do the resolving step. Changing this order may be the solution. Is it feasible?
Thanks,
P.S. Sorry for my poor English.
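
One way to take DNS out of the boot-time rule load, as an added example that is not part of the original post: pfctl resolves host names while parsing pf.conf, including names listed inside a table definition, so the ruleset here refers only to empty `persist` tables and a script fills them once name resolution works. The table names `smtp_hosts` and `pop3_hosts`, the use of `getent hosts` as the resolver, and the retry settings are assumptions.

```sh
#!/bin/sh
# Added example (not from the original post). Assumed pf.conf fragment, which
# contains no host names and therefore loads even when DNS is down:
#   table <smtp_hosts> persist
#   table <pop3_hosts> persist
#   pass in quick on $int_if proto tcp from any to <smtp_hosts> port smtp
#   pass in quick on $int_if proto tcp from any to <pop3_hosts> port pop3
PFCTL="${PFCTL:-pfctl}"
TRIES="${TRIES:-10}"   # resolution attempts before giving up (assumed value)
DELAY="${DELAY:-5}"    # seconds between attempts (assumed value)

# Print the addresses for one name, one per line (assumes getent is available).
resolve_one() {
    getent hosts "$1" | awk '{print $1}'
}

# Print the unique addresses for all names given; fail if any name is unresolved,
# so a half-resolved list never replaces a good table.
resolve_all() {
    out=""
    for h in "$@"; do
        a=$(resolve_one "$h")
        [ -n "$a" ] || return 1
        out="$out $a"
    done
    printf '%s\n' $out | sort -u | tr '\n' ' '
}

# refresh_table TABLE NAME...: retry until every name resolves, then swap the
# table contents. If DNS never answers, the table stays empty and the pass
# rules match nothing, while the rest of the ruleset is already active.
refresh_table() {
    table=$1; shift
    n=0
    while [ "$n" -lt "$TRIES" ]; do
        if addrs=$(resolve_all "$@"); then
            $PFCTL -t "$table" -T replace $addrs
            return $?
        fi
        n=$((n + 1))
        sleep "$DELAY"
    done
    return 1
}

if [ "${1:-}" = "run" ]; then
    refresh_table smtp_hosts smtp.isp.com
    refresh_table pop3_hosts pop3.isp.com
fi
```

Called with `run` after the resolver is up, and again periodically if the provider's addresses change, it keeps the tables current without reloading the ruleset.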