Date: Mon, 29 May 2006 22:51:43 +0200
From: phoemix@harmless.hu (Gergely CZUCZY)
To: PauAmma <pauamma@gundo.com>
Cc: freebsd-pf@freebsd.org
Subject: Re: Loading table data into pf at start-up
Message-ID: <20060529205143.GA17051@marvin.harmless.hu>
In-Reply-To: <Pine.LNX.4.64.0605291427430.23594@javelin.gundo.com>
References: <Pine.LNX.4.64.0605291427430.23594@javelin.gundo.com>

On Mon, May 29, 2006 at 03:37:58PM -0500, PauAmma wrote:
> /etc/rc.d/pf will happily let you load a rules file into pf, but
> unfortunately won't let you load table data if it doesn't fit on a single
> line or if you want to store table data in other files for any reason.
>
> pfctl only allows one -f option, so creative use of pf_flags won't help,
> so I added a configuration variable, pf_tables, and some extra logic in
> pf_start() to handle it.
>
> pf_tables is a space-separated list of action:table:file tuples, e.g.:
> pf_tables="a:idiots4:/etc/pf.idiots4 a:idiots6:/etc/pf.idiots6"

What's the problem with a ruleset like

    table <abuse_ssh> persist file "/etc/pf-abuse_ssh"
    table <goodguys> persist file "/etc/goodguys"

I have this, and it works jolly good.

So, what's the trouble with this?

Bye,

Gergely Czuczy
mailto: gergely.czuczy@harmless.hu
PGP: http://phoemix.harmless.hu/phoemix.pgp

Weenies test. Geniuses solve problems that arise.
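
The pf_tables format described in the quoted message, as an added example (it is not PauAmma's patch, which does not appear on this page, and not FreeBSD's rc.d/pf): a dry-run sh function that turns the tuples into pfctl table commands and rejects malformed entries. The function name pf_table_cmds, the mapping of action "a" to `-T add` and "r" to `-T replace`, and the table-name and absolute-path checks are assumptions.

```shell
#!/bin/sh
# Added example: convert a pf_tables value (space-separated
# action:table:file tuples) into pfctl table commands, printed rather
# than executed so the result can be reviewed first.
# Assumption: "a" maps to "pfctl -T add" and "r" to "-T replace";
# the message only shows "a" and does not define the mapping.

# Print one pfctl command per valid tuple; return 1 if any was rejected.
pf_table_cmds() {
    rc=0
    for tuple in $1; do
        action=${tuple%%:*}     # text before the first colon
        rest=${tuple#*:}
        table=${rest%%:*}       # text between first and second colon
        file=${rest#*:}         # everything after the second colon
        case $action in
            a) op=add ;;
            r) op=replace ;;
            *) echo "pf_tables: bad action in '$tuple'" >&2
               rc=1; continue ;;
        esac
        # Conservative table-name check (assumed policy): a value read
        # from rc.conf must not carry extra options or shell syntax.
        case $table in
            ''|*[!A-Za-z0-9_]*)
               echo "pf_tables: bad table name in '$tuple'" >&2
               rc=1; continue ;;
        esac
        # Require an absolute path so the file loaded at boot does not
        # depend on the working directory; this also rejects tuples
        # with a missing file field.
        case $file in
            /*) ;;
            *) echo "pf_tables: file must be absolute in '$tuple'" >&2
               rc=1; continue ;;
        esac
        echo "pfctl -t $table -T $op -f $file"
    done
    return $rc
}

# Demo with the value from the quoted message.
pf_table_cmds "a:idiots4:/etc/pf.idiots4 a:idiots6:/etc/pf.idiots6"
```

With the `table <name> persist file "..."` form from the reply, pf reads the same files when the ruleset is loaded, so no separate table commands are needed at start-up.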
