Date: Mon, 20 Jan 2020 12:10:55 -0500
From: mike tancsa <mike@sentex.net>
To: Patrick Lamaiziere <patfbsd@davenulle.org>
Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org>
Subject: Re: automatic tables / self statement in pf.conf
Message-ID: <5a1318f5-663a-3c83-34bb-330317c26cec@sentex.net>
In-Reply-To: <20200120161629.7f5725d9@mr185033.univ-rennes1.fr>
References: <5a989609-3366-bcc0-3e6f-d0ad29046f61@sentex.net> <20200120161629.7f5725d9@mr185033.univ-rennes1.fr>

On 1/20/2020 10:16 AM, Patrick Lamaiziere wrote:
> What would trigger the table name to change like that?
> I think that names of automatic tables are more or less random. I've
> got two firewalls using the same ruleset (pf.conf) and the name
> of the automatic table for self is not the same on both.
>
> I think a simple pfctl -f will change the name.

Yes, looks like it.

>> Also, is there a better way to monitor pf rule changes? I don't see
>> any mention in FreeBSD audit?
> I don't know, maybe the checksum changes when the ruleset changes?

It does, but if someone added a rule and then removed it, the checksum
would be the same, it seems, and there would be no record of the addition
and deletion of the rule.

    ---Mike

>
> # pfctl -vvvv -si
> No ALTQ support in kernel
> ALTQ related functions disabled
> Status: Enabled for 11 days 05:32:26 Debug: Urgent
>
> Hostid: 0x19478aad
> ===> Checksum: 0x964f5ae9bc221aa840ba7323cb649e32
>
> Interface Stats for all IPv4 IPv6
> ...
>
> Regards,
>
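
The point made in the reply above, as an added example that is not part of the original message or of pf itself: a journal that records each observed ruleset change, so an add-then-remove sequence leaves two entries even though the final digest matches the first. It assumes snapshots are text shaped like `pfctl -sr` output and that automatic tables print as `<__automatic_...>`; the function and class names, the SHA-256 digest and the sample rules are constructed for illustration.

```python
import difflib
import hashlib
import re

# Assumption: automatic tables appear in `pfctl -sr` output as <__automatic_...>.
AUTO_TABLE = re.compile(r"<__automatic_[^>]*>")

def normalize(rules_text):
    """Strip blank lines and mask automatic table names, which change on reload."""
    return [AUTO_TABLE.sub("<__automatic>", ln.strip())
            for ln in rules_text.splitlines() if ln.strip()]

def ruleset_digest(rules_text):
    """SHA-256 of the normalized rules (a stand-in, not pf's own checksum)."""
    return hashlib.sha256("\n".join(normalize(rules_text)).encode()).hexdigest()

class RulesetJournal:
    """Append-only record of every ruleset change seen between observations."""
    def __init__(self):
        self.entries, self._last = [], None

    def observe(self, when, rules_text):
        current = normalize(rules_text)
        if self._last is not None and current != self._last:
            diff = list(difflib.ndiff(self._last, current))
            self.entries.append({
                "time": when,
                "added": [d[2:] for d in diff if d.startswith("+ ")],
                "removed": [d[2:] for d in diff if d.startswith("- ")],
                "digest": ruleset_digest(rules_text),
            })
        self._last = current

# Constructed snapshots, shaped like `pfctl -sr` output.
BASE = """block drop in all
pass in on em0 proto tcp from any to <__automatic_1f3a_0> port = ssh flags S/SA keep state
pass out all flags S/SA keep state
"""
RELOADED = BASE.replace("__automatic_1f3a_0", "__automatic_77c2_0")  # after pfctl -f
EXTRA = "pass in quick proto tcp from 203.0.113.5 to any flags S/SA keep state"
WITH_EXTRA = RELOADED + EXTRA + "\n"

def demo():
    journal = RulesetJournal()
    for when, snap in [("12:00", BASE), ("12:05", RELOADED),
                       ("12:10", WITH_EXTRA), ("12:15", RELOADED)]:
        journal.observe(when, snap)
    return journal
```

A rule added and removed between two observations is still missed, so the polling interval bounds what the journal can see.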