Date: Tue, 31 Jan 2006 12:54:53 -0800 From: David Wolfskill <david@catwhisker.org> To: freebsd-mobile@freebsd.org Subject: Re: (wlan) how to update a pf rules set automaticly Message-ID: <20060131205453.GY94023@bunrab.catwhisker.org> In-Reply-To: <20060131204441.GB1047@binky.0xfce3.net> References: <20060131204441.GB1047@binky.0xfce3.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 31, 2006 at 09:44:41PM +0100, Gordon Bergling wrote: > ... > Off cource, I could write a script which updates my pf.conf or restart > pf with a different config file, but I would like to have some more > magic. ;) > > Has anyone an Idea? What I do, using ipfw, is have 2 scripts. The first is the initial script; it only allows DHCP traffic. The second is invoked via dhclient-exit-hooks, and is told such things as my IP address, subnet mask, default router, maybe an NTP server.... Anyway, the second script is fired up by dhclient-exit-hooks, and set up the packet filtering rules for the IP address & network on which I ended up. Peace, david -- David H. Wolfskill david@catwhisker.org Mail filters, like sewers, need to be most restrictive at the point of entry. See http://www.catwhisker.org/~david/publickey.gpg for my public key.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060131205453.GY94023>