Re: NPF syntax

To: Gerard Lally <lists+netbsd.users%netmail.ie@localhost>
Subject: Re: NPF syntax
From: "D'Arcy J.M. Cain" <darcy%NetBSD.org@localhost>
Date: Mon, 16 Mar 2015 15:52:22 -0400

On Mon, 16 Mar 2015 18:26:58 GMT
Gerard Lally <lists+netbsd.users%netmail.ie@localhost> wrote:
> At date and time Mon, 16 Mar 2015 09:52:07 -0400, D'Arcy J.M. Cain
> wrote:
> > # npfctl validate
> > /etc/npf.conf:11:3: syntax error near 'alg'
> > 
> > I am using the example config almost verbatim except for the table
> > names and file paths.
> > 
> > What am I missing here?
> 
> I had to move the tables to /etc ; I think the reason was that
> the /usr filesystem was not mounted early enough at boot. Perhaps
> something like that is your problem as well? Is VEX a NFS mount?

I had a similar issue with pf on one of my servers but not this one.  In
any case, it isn't a boot issue.  I haven't made it live yet.  I am
just running validate on the generated npf.conf.

By the way, when I had the issue with pf it locked me out of the
server.  I would hope that npf has a better failure mode and simply
doesn't enable the packet filter on error.  It was extremely annoying
that I had to go to the colo to see why my server was down.

-- 
D'Arcy J.M. Cain <darcy%NetBSD.org@localhost>
http://www.NetBSD.org/ IM:darcy%Vex.Net@localhost

References:
- NPF syntax
  - From: D'Arcy J.M. Cain
- Re: NPF syntax
  - From: Gerard Lally

Prev by Date: Re: /proc inodes filling up in 1 week
Next by Date: Re: NPF syntax
Previous by Thread: Re: NPF syntax
Next by Thread: Re: NPF syntax
Indexes:

Home | Main Index | Thread Index | Old Index