Old 9th August 2012
bsdperson
Port Guard
 
Join Date: May 2008
Posts: 37
pf rdr to hostname rather than ip

In my pf.conf I have lines like this

Code:
rdr on $ext_if proto tcp from any to ($ext_if) port 5060 -> asterisk
to redirect traffic to a specific machine. However, this will only work if the firewall knows what asterisk means. In this case asterisk gets its IP by DHCP (which also runs on the fw). So if the firewall is rebooted, this will not work until I log in and do pfctl -f /etc/pf.conf after the IPs are assigned.

One solution would be to go to static IPs, but it's rather convenient to use DHCP, and it also makes pf.conf easy to read. How can this be solved?

Can I delay pf in rc.d to make it run after dhcpd? If so, how, and what side effects would that bring?

This is on a FBSD 9.0-RELEASE-p3 machine.
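An added example, not part of the original post: a shell sketch that automates the manual step described above, polling until the hostname resolves and then reloading the ruleset. It assumes the name resolves through the system resolver (checked here with `getent hosts`); the function names, retry counts and the place it is called from are hypothetical.

```shell
#!/bin/sh
# Added example: reload pf once a DHCP-assigned hostname resolves.
# Assumption: the name resolves through the system resolver (getent hosts).

# True when the hostname currently resolves to an address.
resolve_host() {
    getent hosts "$1" >/dev/null 2>&1
}

# Parse-check the ruleset first (-n), and load it only if it parses.
reload_pf() {
    pfctl -nf "$1" && pfctl -f "$1"
}

# wait_and_reload HOST CONF TRIES DELAY
# Polls up to TRIES times, DELAY seconds apart. Returns 0 after a
# successful reload, 1 if the name never resolved or the load failed.
wait_and_reload() {
    host=$1 conf=$2 tries=$3 delay=$4
    i=0
    until resolve_host "$host"; do
        i=$((i + 1))
        if [ "$i" -ge "$tries" ]; then
            echo "pf reload: $host still unresolved after $tries tries" >&2
            return 1
        fi
        sleep "$delay"
    done
    reload_pf "$conf"
}

# Typical call, e.g. from a late boot script (hypothetical placement):
#   wait_and_reload asterisk /etc/pf.conf 30 2
```

A non-zero return means the rdr rule is still not loaded, so the caller should log or alert on it rather than ignore it.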