From owner-freebsd-questions@FreeBSD.ORG  Thu Nov 27 06:26:02 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 950B216A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 27 Nov 2003 06:26:02 -0800 (PST)
Received: from lilith.bellavista.cz (bellavista.worldonline.cz
	[212.90.245.154])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F3CB343F75
	for <freebsd-questions@freebsd.org>;
	Thu, 27 Nov 2003 06:26:00 -0800 (PST)
	(envelope-from neuhauser@bellavista.cz)
Received: from freepuppy.bellavista.cz (freepuppy.bellavista.cz [10.0.0.10])
	by lilith.bellavista.cz (Postfix) with ESMTP
	id 637A328; Thu, 27 Nov 2003 15:25:59 +0100 (CET)
Received: by freepuppy.bellavista.cz (Postfix, from userid 1001)
	id 0A0B02FDA01; Thu, 27 Nov 2003 15:25:59 +0100 (CET)
Date: Thu, 27 Nov 2003 15:25:58 +0100
From: Roman Neuhauser <neuhauser@bellavista.cz>
To: Dan Nelson <dnelson@allantgroup.com>
Message-ID: <20031127142558.GW340@freepuppy.bellavista.cz>
Mail-Followup-To: Dan Nelson <dnelson@allantgroup.com>,
	fbsd_user <fbsd_user@a1poweruser.com>,
	"freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org>
References: <MIEPLLIBMLEEABPDBIEGCEIJEOAA.fbsd_user@a1poweruser.com>
	<20031126181353.GC48692@dan.emsphone.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20031126181353.GC48692@dan.emsphone.com>
User-Agent: Mutt/1.5.4i
cc: fbsd_user <fbsd_user@a1poweruser.com>
cc: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org>
Subject: Re: IPFILTER rules with shell symbloic substitution
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Nov 2003 14:26:02 -0000

# dnelson@allantgroup.com / 2003-11-26 12:13:53 -0600:
> In the last episode (Nov 26), fbsd_user said:
> > Looking for way to code IPFILTER rules with shell symbolic
> > substitution. I know how to do it in the rules, but how to get ipf
> > pgm to exec in shell? Any body have example of how to setup this?
> 
> /etc/rc.firewall has lots of examples using ipfw; the concepts should
> work just as well with ipf.

    that won't work with ipf, but: you can have the rules passed through
    /bin/sh (which would do the substitutions), and piped into ipf.

-- 
If you cc me or remove the list(s) completely I'll most likely ignore
your message.    see http://www.eyrie.org./~eagle/faqs/questions.html