OpenBSD Security - Functionally paranoid!
authpf, authpf.rules unable to modify filters
Hello all:
I am wondering if anyone has seen symptoms like these. I use authpf to open access to users who authenticate to our firewall. Since we have many different groups to manage, I have created /etc/authpf/users/Templates where I keep rulesets for the different groups and then in individual users' /etc/authpf/users/Username directories I just create a symbolic link to the appropriate file in Templates. It's worked for quite a while.

Today a user called and said that their putty session would close immediately after they had logged in. In /var/log/daemon I saw:

    May 8 11:47:02 our-fw authpf[14121]: pfctl exited abnormally

First I logged in with my authpf account and had no trouble getting authenticated. Since my account links to a different ruleset file, I then created an account that linked to the same ruleset as my other user and got this when I logged in:

    pfctl: DIOCXCOMMIT: Device busy
    Unable to modify filters

After some tinkering, it seems that if I have a table defined in the authpf ruleset file, pfctl can't load the changes. I suspect that if I reboot our firewall, this will go away but I'd like to see if I can diagnose the problem better.

Any suggestions on other things to investigate?

thx
kmb

Last edited by kbeaucha; 8th May 2012 at 08:33 PM. Reason: correct typo.
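An added example, not part of the original post: a shell helper that maps each authpf user directory to the template its authpf.rules link points at and flags rulesets that define a table, the condition the post associates with the failure. It assumes the directory layout described in the post; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Layout assumed from the post: <base>/<user>/authpf.rules is a symlink into
# <base>/Templates/.

# Print "<user> <ruleset> <status>" for every user directory under <base>.
# status: tables | no-tables | dangling | missing
audit_authpf_users() {
    base=${1:-/etc/authpf/users}
    for dir in "$base"/*/; do
        [ -d "$dir" ] || continue
        user=$(basename "$dir")
        # Templates holds the shared rulesets, it is not a user.
        [ "$user" = "Templates" ] && continue
        rules="${dir}authpf.rules"
        if [ -L "$rules" ]; then
            # Name of the template the link points at, even if it is gone.
            name=$(basename "$(readlink "$rules")")
        else
            name="(local-file)"
        fi
        if [ ! -e "$rules" ]; then
            if [ -L "$rules" ]; then
                status=dangling
            else
                status=missing
                name="-"
            fi
        elif grep -Eq '^[[:space:]]*table[[:space:]]*<' "$rules"; then
            # The ruleset contains a pf table definition: table <name> ...
            status=tables
        else
            status=no-tables
        fi
        printf '%s %s %s\n' "$user" "$name" "$status"
    done
}

# List only the users whose ruleset defines a pf table.
users_with_tables() {
    audit_authpf_users "$1" | awk '$3 == "tables" { print $1 }'
}
```

Run `audit_authpf_users` with no argument to check /etc/authpf/users, or pass another base directory to check a copy.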