It was only an idea regarding the question. Sorry for sharing thoughts ... I'm already using such a script because of that, would be great to have that job done by pfctl because everyone would have this "feature" and you cannot pass it by pfctl -f ... As I said this is only an idea. We should stop this discussion :)

Regards
Hagen Volpers

> -----Original Message-----
> From: Paul de Weerd [mailto:[EMAIL PROTECTED]
> Sent: Saturday, 26 July 2008 00:00
> To: openbsd misc
> Cc: misc@openbsd.org
> Subject: Re: pfctl
>
> On Fri, Jul 25, 2008 at 11:38:40PM +0200, openbsd misc wrote:
> | Hehe, I knew I'll get this reply. ;-) The question was which configuration is
> | active, not what will be activated by pfctl -f /etc/pf.conf, that's the
> | difference.
> | I think that could help some people in multi-admin environments ;-)
>
> If you can't organize a proper way to keep loaded rules and rulefile
> in sync, you may want to have a talk with the other admins.
>
> Given that, you may want to create a script that does exactly what you
> want. It's OpenBSD. It's open source, the tools are there, you can see
> how this stuff works, you know what you want - create what you need by
> yourself. A simple script that copies your pf.conf to
> /var/whatever/last.loaded is just a few keystrokes away.
>
> Cheers,
>
> Paul 'WEiRD' de Weerd
>
> | Regards
> | Hagen Volpers
> |
> |
> | > -----Original Message-----
> | > From: Paul de Weerd [mailto:[EMAIL PROTECTED]
> | > Sent: Friday, 25 July 2008 22:37
> | > To: openbsd misc
> | > Cc: misc@openbsd.org
> | > Subject: Re: pfctl
> | >
> | > On Fri, Jul 25, 2008 at 10:16:21PM +0200, openbsd misc wrote:
> | > | Hi,
> | > |
> | > | interesting point. How about dumping it to a file or
> | > | something so you are able to check what was loaded last time
> | > | (e.g. a file with 400 under /var/whatever)?
> | >
> | > GREAT IDEA !
> | >
> | > How about /etc/pf.conf ?
> | >
> | > Cheers !
> | >
> | > Paul 'WEiRD' de Weerd
> | >
> | > | Regards
> | > | Hagen Volpers
> | > |
> | > |
> | > | > -----Original Message-----
> | > | > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> | > | > On behalf of Stuart Henderson
> | > | > Sent: Friday, 25 July 2008 17:15
> | > | > To: Charlie Clark
> | > | > Cc: misc@openbsd.org
> | > | > Subject: Re: pfctl
> | > | >
> | > | > On 2008/07/25 14:53, Charlie Clark wrote:
> | > | > > Stuart Henderson wrote:
> | > | > >> On 2008-07-25, Charlie Clark <[EMAIL PROTECTED]> wrote:
> | > | > >>
> | > | > >>> Hi,
> | > | > >>>
> | > | > >>> I have noticed that you are unable to view the currently loaded
> | > | > >>> options for pf using pfctl, even 'pfctl -sa' doesn't show the
> | > | > >>> options eg. set skip on tun0.
> | > | > >>> Is this going to be implemented soon or is it there and I'm missing
> | > | > >>> something?
> | > | > >>>
> | > | > >>> Regards,
> | > | > >>>
> | > | > >>
> | > | > >> Someone asked about this recently.
> | > | > >> http://marc.info/?l=openbsd-misc&w=2&r=1&s=set+skip+pfctl&q=b
> | > | > >>
> | > | > > Yes sorry I posted this by accident, I still haven't got a valid
> | > | > > solution for this though.
> | > | >
> | > | > "set XX" options are a mix of directives to pf and to pfctl,
> | > | > the pfctl directives don't get stored anywhere so you can't
> | > | > retrieve them later. The ones affecting pf are available but
> | > | > in a different format.
> | > |
> | >
> | > --
> | > >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
> | > +++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
> | > http://www.weirdnet.nl/
> |
>
> --
> >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
> +++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
> http://www.weirdnet.nl/
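
Added example, not part of the original thread and not code from pfctl or the OpenBSD project: a sketch of the wrapper script suggested in the quoted reply above. It syntax-checks the rule file, loads it, and keeps a read-only copy of exactly what was loaded, so the pfctl-only "set" directives that are not stored anywhere can still be inspected later. The snapshot directory /var/db/pf-loaded, the variables PFCTL, PF_CONF and SNAP_DIR, and the function names pf_load and pf_drift are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread). Paths, variables and function names are assumptions.
PFCTL="${PFCTL:-pfctl}"                    # overridable, e.g. to point at a full path
PF_CONF="${PF_CONF:-/etc/pf.conf}"
SNAP_DIR="${SNAP_DIR:-/var/db/pf-loaded}"  # hypothetical; the thread only says /var/whatever

# Load a ruleset and record exactly what was loaded.
pf_load() {
    conf="${1:-$PF_CONF}"
    # -n parses without loading: never touch the running ruleset on a syntax error.
    "$PFCTL" -n -f "$conf" || { echo "pf_load: $conf failed syntax check" >&2; return 1; }
    # Directory is owner-only, so the snapshot is private whatever the file mode.
    mkdir -p -m 700 "$SNAP_DIR" || return 1
    # Load from a staged copy so the snapshot holds the exact bytes that were
    # loaded, even if another admin edits the rule file at the same moment.
    staged="$SNAP_DIR/.staged.$$"
    cp "$conf" "$staged" || return 1
    if "$PFCTL" -f "$staged"; then
        chmod 400 "$staged"
        mv -f "$staged" "$SNAP_DIR/last.loaded"
    else
        rm -f "$staged"
        echo "pf_load: load failed, snapshot left unchanged" >&2
        return 1
    fi
}

# Compare the rule file with the last loaded snapshot.
# Returns 0 = in sync, 1 = file differs from what is loaded, 2 = no snapshot yet.
pf_drift() {
    conf="${1:-$PF_CONF}"
    [ -f "$SNAP_DIR/last.loaded" ] || { echo "pf_drift: no snapshot" >&2; return 2; }
    cmp -s "$conf" "$SNAP_DIR/last.loaded" && return 0
    diff -u "$SNAP_DIR/last.loaded" "$conf"   # show what changed since the load
    return 1
}

# Usage: script load [file] | script check [file]
case "${1:-}" in
    load)  pf_load "${2:-}" ;;
    check) pf_drift "${2:-}" ;;
esac
```

The snapshot is only as good as the discipline around it: a ruleset loaded by running pfctl -f directly leaves last.loaded stale.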