4 files changed, 15 insertions, 1 deletions

diff --git a/files/etc/pf.conf.freebsd b/files/etc/pf.conf.freebsd
index 633f3ef..e01f49d 100644
--- a/files/etc/pf.conf.freebsd
+++ b/files/etc/pf.conf.freebsd
@@ -1,4 +1,8 @@
-egress = "${BOXCONF_DEFAULT_INTERFACE}"
+$(if [ -n "${pf_egress_interfaces:-}" ]; then
+    printf 'egress = "{ %s }"\n' "$(join ', ' $pf_egress_interfaces)"
+  else
+    printf 'egress = "%s"\n' "$BOXCONF_DEFAULT_INTERFACE"
+  fi)
 allowed_tcp_ports = "{ $(join ', ' ${allowed_tcp_ports:-}) }"
 allowed_udp_ports = "{ $(join ', ' ${allowed_udp_ports:-}) }"
 acme_standalone_port = ${acme_standalone_port}
@@ -7,6 +11,9 @@ nfscbd_port = ${nfscbd_port}
 
 set block-policy return
 set skip on lo
+$([ -n "${pf_skip_interfaces:-}" ] && printf \
+  'set skip on %s\n' $pf_skip_interfaces)
+
 scrub in on \$egress all fragment reassemble no-df
 
 $([ "${acme_standalone:-}" = true ] && echo \
diff --git a/scripts/hostclass/laptop b/scripts/hostclass/laptop
index 66d4181..26f9fe6 100644
--- a/scripts/hostclass/laptop
+++ b/scripts/hostclass/laptop
@@ -9,6 +9,11 @@ install_file -m 0555 /usr/local/libexec/lid-close
 install_file -m 0644 /etc/devd/lid-close.conf
 service devd restart
 
+# Enable kernel module for Android USB tethering.
+load_kernel_module if_urndis
+set_loader_conf if_urndis_load=YES
+sysrc -v ifconfig_ue0='DHCP'
+
 case ${wireless_type:-} in
   iwm*)
     set_loader_conf \
diff --git a/vars/hostclass/roadwarrior_laptop b/vars/hostclass/roadwarrior_laptop
index 99f8b9c..1889a77 100644
--- a/vars/hostclass/roadwarrior_laptop
+++ b/vars/hostclass/roadwarrior_laptop
@@ -1,2 +1,3 @@
 #!/bin/sh
 resolvers=$bootstrap_resolvers
+pf_skip_interfaces=wg
diff --git a/vars/hostname/rlaptop1 b/vars/hostname/rlaptop1
index 3e1b34c..7c8df01 100644
--- a/vars/hostname/rlaptop1
+++ b/vars/hostname/rlaptop1
@@ -1,5 +1,6 @@
 #!/bin/sh
 
+pf_egress_interfaces='wlan0 em0 ue0'
 desktop_type=i3
 wireless_type=iwm8265
 console_font=spleen-12x24