From owner-freebsd-pf@FreeBSD.ORG Fri Dec 17 11:22:01 2010 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 58763106566B for ; Fri, 17 Dec 2010 11:22:01 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-fx0-f49.google.com (mail-fx0-f49.google.com [209.85.161.49]) by mx1.freebsd.org (Postfix) with ESMTP id EE3148FC0A for ; Fri, 17 Dec 2010 11:22:00 +0000 (UTC) Received: by fxm19 with SMTP id 19so476246fxm.36 for ; Fri, 17 Dec 2010 03:21:59 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.87.13 with SMTP id u13mr967970fal.1.1292583030221; Fri, 17 Dec 2010 02:50:30 -0800 (PST) Received: by 10.223.13.20 with HTTP; Fri, 17 Dec 2010 02:50:30 -0800 (PST) Date: Fri, 17 Dec 2010 11:50:30 +0100 Message-ID: From: Damien Fleuriot To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: inclusion of subconfig files like on openbsd X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Dec 2010 11:22:01 -0000 Hello list, I apologize if the question has been asked already but I couldn't find it in the ML archives nor in the FreeBSD9 roadmap. I was wondering if there are plans to mimic OpenBSD's mechanism which lets one include a subconfig file from the main pf.conf file. As in: include "/etc/pf/interface_defs" include "/etc/pf/table_defs" include "/etc/pf/timeout_defs" ... and so on. What are your views on this feature ? We're highly interested in it here, it would allow us much more flexibility. I know we can sort of achieve the same result with anchors for the rules and nat/rdr, but these are much less practical. Regards, -- Damien