Date: Mon, 29 May 2006 22:51:43 +0200 From: phoemix@harmless.hu (Gergely CZUCZY) To: PauAmma <pauamma@gundo.com> Cc: freebsd-pf@freebsd.org Subject: Re: Loading table data into pf at start-up Message-ID: <20060529205143.GA17051@marvin.harmless.hu> In-Reply-To: <Pine.LNX.4.64.0605291427430.23594@javelin.gundo.com> References: <Pine.LNX.4.64.0605291427430.23594@javelin.gundo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, May 29, 2006 at 03:37:58PM -0500, PauAmma wrote: > /etc/rc.d/pf will happily let you load a rules file into pf, but=20 > unfortunately won't let you load table data if it doesn't fit on a single= =20 > line or if you want to store table data in other files for any reason. >=20 > pfctl only allows one -f option, so creative use of pf_flags won't help,= =20 > so I added a configuration variable, pf_tables, and some extra logic in= =20 > pf_start() to handle it. >=20 > pf_tables is a space-separated list of action:table:file tuples, eg:=20 > pf_tables=3D"a:idiots4:/etc/pf.idiots4 a:idiots6:/etc/pf.idiots6" what's the problem with a ruleset like table <abuse_ssh> persist file "/etc/pf-abuse_ssh" table <goodguys> persist file "/etc/goodguys" i have this, and works jolly good. so, what's the trouble with this? Bye, Gergely Czuczy mailto: gergely.czuczy@harmless.hu PGP: http://phoemix.harmless.hu/phoemix.pgp Weenies test. Geniuses solve problems that arise. --G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFEe17ebBsEN0U7BV0RAuT6AKDNSUH2AzaZZD6inDm+ruf84B7CQgCdGhGP QYLVfxUyu8BScatsAE8ceT4= =TyZn -----END PGP SIGNATURE----- --G4iJoqBmSsgzjUCe--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060529205143.GA17051>