diff options
| author | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2008-01-09 21:38:20 +0000 |
|---|---|---|
| committer | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2008-01-09 21:38:20 +0000 |
| commit | 597c7e339fd131c5dbb14259b1430ec93c1a8934 (patch) | |
| tree | ceb5b614a298f8e6d2c7174b8e8b9942e5989bb1 /etc/netstart | |
| parent | 701fbb8f0bcfbeb3b8e495f8aae3abd97b7c35af (diff) | |
Do not bring up pfsync(4) before the working ruleset
has been loaded. Otherwise, states that are received during the
initial bulk update mismatch the correct pf-checksum and
do not attach to the rules.
Problem identified by david@. Fix done in collaboration.
OK henning@
Diffstat (limited to 'etc/netstart')
| -rw-r--r-- | etc/netstart | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/etc/netstart b/etc/netstart index 07dd92da7fa..4b32332e84a 100644 --- a/etc/netstart +++ b/etc/netstart @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: netstart,v 1.116 2007/08/02 03:19:10 david Exp $ +# $OpenBSD: netstart,v 1.117 2008/01/09 21:38:19 mpf Exp $ # Strip comments (and leading/trailing whitespace if IFS is set) # from a file and spew to stdout @@ -304,10 +304,8 @@ fi # The trunk interfaces need to come up first in this list. # The vlan interfaces need to come up after trunk. -# The pfsync interfaces need to come up before carp. -# Configure all the carp interfaces which we know about. -# They must come up after pfsync but before default route. -ifmstart "trunk vlan pfsync carp" +# Configure all the carp interfaces which we know about before default route. +ifmstart "trunk vlan carp" # /etc/mygate, if it exists, contains the name of my gateway host # that name must be in /etc/hosts. |