From owner-freebsd-pf@FreeBSD.ORG Mon May 9 01:54:43 2011 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6F0EC1065672 for ; Mon, 9 May 2011 01:54:43 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id 24FA68FC16 for ; Mon, 9 May 2011 01:54:42 +0000 (UTC) Received: by iyj12 with SMTP id 12so5668465iyj.13 for ; Sun, 08 May 2011 18:54:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:date:from:to:cc:subject:message-id :references:mime-version:content-type:content-disposition :in-reply-to:x-openpgp-key-id:x-openpgp-key-fingerprint :x-openpgp-key-url; bh=PuBjzWqTUtm8nn9yBHaKseEb3poLJzzqD8XBdAevt+s=; b=SMbnPltPnKu9dwJphMWH1C97mEZRr/LXQvRNBLCmAdJUvtW6AzwMeeV5R6pQaR2Oh8 pSmHtog76jvyAnJZDIA5yDGpjU+CTyTt1iY2tvM2x8JjittbRv5v07NNYKzaYFNltgeZ WGQSUho3dpo38AtfMzFdwTQ5EOqtQYglDHjOc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:x-openpgp-key-id :x-openpgp-key-fingerprint:x-openpgp-key-url; b=m4mA+S8lBPer4oN4XLzzE4Mvh/TAhacmyP6Val8QP+vClfLO72iv2zjbNXNo88YZmp SnzcqL8HiJfu0s2CYbvcDvgSL1QhkZ/dcaMlorVdBAsa5Nfdjl8kQo1ZcKu+DfeZAxcp zd60vDE75VhFjs3QpbcXn+WRyogQjkMHUgbrU= Received: by 10.43.70.81 with SMTP id yf17mr5650077icb.464.1304906080534; Sun, 08 May 2011 18:54:40 -0700 (PDT) Received: from DataIX.net (adsl-99-190-84-116.dsl.klmzmi.sbcglobal.net [99.190.84.116]) by mx.google.com with ESMTPS id e12sm2216678ics.7.2011.05.08.18.54.38 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 08 May 2011 18:54:39 -0700 (PDT) Sender: "J. Hellenthal" Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.4/8.14.4) with ESMTP id p491sZZL023157 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 8 May 2011 21:54:35 -0400 (EDT) (envelope-from jhell@DataIX.net) Received: (from jhell@localhost) by DataIX.net (8.14.4/8.14.4/Submit) id p491sUYT023156; Sun, 8 May 2011 21:54:30 -0400 (EDT) (envelope-from jhell@DataIX.net) Date: Sun, 8 May 2011 21:54:30 -0400 From: Jason Hellenthal To: "Bjoern A. Zeeb" Message-ID: <20110509015430.GL3527@DataIX.net> References: <20110508194527.GD3527@DataIX.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="W/D3X8sky0X3AmG5" Content-Disposition: inline In-Reply-To: X-OpenPGP-Key-Id: 0x89D8547E X-OpenPGP-Key-Fingerprint: 85EF E26B 07BB 3777 76BE B12A 9057 8789 89D8 547E X-OpenPGP-Key-URL: http://bit.ly/0x89D8547E Cc: freebsd-pf@freebsd.org Subject: Re: using ?include? like statement in pf.conf to include some parts from other files X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 May 2011 01:54:43 -0000 --W/D3X8sky0X3AmG5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Bjoern, On Sun, May 08, 2011 at 09:52:58PM +0000, Bjoern A. Zeeb wrote: > On May 8, 2011, at 7:45 PM, Jason Hellenthal wrote: >=20 > >=20 > > Oguz, > >=20 > > On Sun, May 08, 2011 at 08:39:05PM +0300, Oguz Yilmaz wrote: > >> Hi, > >>=20 > >> I want to be able to include some parts of my pf.conf from other set o= f files. > >>=20 > >> For example I will include "set timeout" vs like statements in another= file. > >>=20 > >> Using anchors and "load anchor from file" statements will not help > >> because anchor can not hold such GLOBAL OPTIONS. In case I set those > >> macros and set statement in a anchor it will be valid for the anchor > >> or not valid at all (set statemenets). > >>=20 > >=20 > > At this time as I know, this functionality is not available in pf41 tha= t=20 > > is and has been a part of FreeBSD for quite some time and believe it st= ill=20 > > is a part of -CURRENT. > >=20 > > There has been some work on getting pf up-to-date as of pf45 where ther= e=20 > > is a patch that is available for -CURRENT only but I am not aware as if= it=20 > > supports the functionality you desire. > >=20 > > If that is something you are interested in and know is a part of pf45,= =20 > > then you are welcome to upgrade to -CURRENT and apply that patchset if= =20 > > needs be to help test while achieving your objectives. > >=20 > > Some of the work has been done here: > > http://svn.freebsd.org/base/user/eri/pf45/head/ >=20 > http://svnweb.freebsd.org/base/projects/pf/pf45/ Thank you for the correction. Le~ Goog has failed me at this point ;) Do you know "off-hand" if this functionality is available in pf45 ? I=20 don't expect you to look it up as I know you have plenty of stuff on your= =20 plate but thought I would ask directly. >=20 > I hope Ermal will post the final patch RSN and put it into HEAD afterward= s. >=20 > >=20 > > And there are various other messages on the lists that you are welcome = to=20 > > search for if interested. > >=20 > >=20 > > Good Luck. > >=20 > --=20 Regards, (jhell) Jason Hellenthal --W/D3X8sky0X3AmG5 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) Comment: http://bit.ly/0x89D8547E iQEcBAEBAgAGBQJNx0lVAAoJEJBXh4mJ2FR+u8IH/0GbG4a5Ow2vxNd6eoAt+oGO F34265YGjpI2loYw7PqfClhFlBokbapPmwEvRJhKCF1Oe6KTGhxaYoic6+uofUwh pfGqhrxfArCQHJUa0fJZFMzWoVqhzE/HunTuNWaBrnr+mzdOJwthOrNKHmn9vm3e 7aNOskVwNH3bVGsZ1jEgduea3InKjrUYz8v+IZIN7IdvpH6KjYe7Hitw3RjbaDaa hQ/CiMCucmitkWpUoL6ByjI/73Ck+yStWAR5uv9VrvE/wBB96lVV8L67RrUK+CUv P7u2cebdTh/pWQLTBKEKxMOL6e8kUW8klJqbGFEmG00aQlxikyWXlffwpXDqw6o= =QicG -----END PGP SIGNATURE----- --W/D3X8sky0X3AmG5--