In my pf.conf I have lines like this
rdr on $ext_if proto tcp from any to ($ext_if) port 5060 -> asterisk
to redirect traffic to a specific machine. However this will only work if the firewall knows what asterisk means. In this case asterisk gets its ip by dhcp (which also runs on the fw). So if the firewall is rebooted this will not work until I login and do pfctl -f /etc/pf.conf after
the ips are assigned.
One solution would be to go to static ips, but it's rather convenient to use dhcp and also makes pf.conf easy to read. How can this be solved?
Can I delay pf in rc.d do make it run after dhcpd? If so, how and what side effects would that bring?
This is on a FBSD 9.0-RELEASE-p3 machine.