From owner-freebsd-questions@FreeBSD.ORG Fri Feb 8 22:11:57 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1761716A418 for ; Fri, 8 Feb 2008 22:11:57 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: from outbound-mail-23.bluehost.com (outbound-mail-23.bluehost.com [69.89.21.18]) by mx1.freebsd.org (Postfix) with SMTP id C887413C4E1 for ; Fri, 8 Feb 2008 22:11:56 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: (qmail 8476 invoked by uid 0); 8 Feb 2008 22:11:55 -0000 Received: from unknown (HELO box183.bluehost.com) (69.89.25.183) by mailproxy2.bluehost.com with SMTP; 8 Feb 2008 22:11:55 -0000 Received: from c-24-9-123-251.hsd1.co.comcast.net ([24.9.123.251] helo=demeter.hydra) by box183.bluehost.com with esmtpa (Exim 4.68) (envelope-from ) id 1JNbRr-00013e-Jn for freebsd-questions@freebsd.org; Fri, 08 Feb 2008 15:11:55 -0700 Received: by demeter.hydra (sSMTP sendmail emulation); Fri, 8 Feb 2008 15:11:54 -0700 Date: Fri, 8 Feb 2008 15:11:54 -0700 From: Chad Perrin To: FreeBSD Questions Message-ID: <20080208221154.GB47822@demeter.hydra> Mail-Followup-To: FreeBSD Questions References: <20080208133822.GA46647@demeter.hydra> <47AC5EE3.1010003@locolomo.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47AC5EE3.1010003@locolomo.org> User-Agent: Mutt/1.4.2.3i X-Identified-User: {737:box183.bluehost.com:apotheon:apotheon.com} {sentby:smtp auth 24.9.123.251 authed with perrin@apotheon.com} Subject: Re: pf.conf for variable interfaces X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Feb 2008 22:11:57 -0000 On Fri, Feb 08, 2008 at 02:53:39PM +0100, Erik Norgaard wrote: > Chad Perrin wrote: > >I'm setting up PF on a FreeBSD laptop that sometimes uses the wireless > >device (iwi0) as its external interface, and sometimes uses the RJ-45 > >ethernet device (bge0) as its external interface. Unfortunately, I > >haven't figured out yet how to make that happen. > > How about this: > > ext_ifs = "{" iwi0 bge0 "}" > block in quick on ext_ifs all > pass out quick on ext_ifs all keep state > ... > > > As long as you don't need statements like iwi0:network which you > shouldn't on an endpoint, then I guess this will work. Thanks. That looks like the answer I wanted. I don't know why I can't find any documentation that offers an example of this. Maybe I'm losing my Google mojo. -- CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ] Baltasar Gracian: "A wise man gets more from his enemies than a fool from his friends."