On Thu, Jan 09, 2003 at 11:13:41PM +0100, Henning Brauer wrote:
> > Didn't know that. So, authpf can insert rules on the fly using anchors,
> > but is this possible with arbitrary applications? Say I want my snort
> > box to insert filter rules into pf, by sending a message (something
> > like 'block 192.168.0.1') to a daemon running on my pf fw and have the
> > daemon translate that into a rule which can be added to the
> > filter/anchor.
> >
> > I guess the answer is yes. Write an authpf-like daemon (with a remote
> > interface) and let it do the job. Oh, this brings us back to the
> > original issue. It would be hell to maintain.
>
> what? no, easier, you just call pfctl and let it load the set of custom
> rules to the anchor defined in your main pf.conf...

Perhaps. But it would be better to talk to the kernel directly, thru an API, instead of forking pfctl every time I need a rule added/removed from an anchor/table.

Does authpf call pfctl? AFAIK, no.

// haver
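
Added example, not part of the thread and not code from pf or authpf: a sketch of the message-to-anchor translation discussed above, using the "call pfctl" approach, where the daemon accepts only a literal IP address so that text from the network never reaches the pf rule grammar. The anchor name `snort`, the `unblock` verb, the class name and the rule form are assumptions, as is a pfctl that accepts `-a <anchor> -f -`; because loading replaces the anchor's rules, the daemon keeps the whole set and reloads it.

```python
import ipaddress
import subprocess

ANCHOR = "snort"        # hypothetical anchor; pf.conf needs: anchor "snort"
PFCTL = "/sbin/pfctl"


class AnchorBlocklist:
    """Holds the blocked addresses and renders them as one pf ruleset."""

    def __init__(self):
        self.blocked = set()

    def handle(self, message):
        """Apply one 'block <addr>' or 'unblock <addr>' message.

        Returns True if the set changed. Raises ValueError for anything
        else, so hostnames, netmasks and pf keywords are never accepted.
        """
        parts = message.split()
        if len(parts) != 2 or parts[0] not in ("block", "unblock"):
            raise ValueError("expected 'block <addr>' or 'unblock <addr>'")
        if "%" in parts[1]:
            # IPv6 scope ids are free-form text; refuse them outright.
            raise ValueError("scoped addresses are not accepted")
        addr = ipaddress.ip_address(parts[1])   # ValueError if not an IP
        before = len(self.blocked)
        if parts[0] == "block":
            self.blocked.add(addr)
        else:
            self.blocked.discard(addr)
        return len(self.blocked) != before

    def ruleset(self):
        """Full ruleset for the anchor, in a stable order."""
        ordered = sorted(self.blocked, key=lambda a: (a.version, int(a)))
        return "".join(f"block in quick from {a} to any\n" for a in ordered)

    def load(self):
        """Replace the anchor's rules, feeding the ruleset to pfctl on stdin."""
        subprocess.run([PFCTL, "-a", ANCHOR, "-f", "-"],
                       input=self.ruleset().encode(), check=True)
```

Calling `load()` only when `handle()` returns True avoids forking pfctl for duplicate alerts.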