Yes, there is no "no" directive in port forward as of yet. Scott
On 11/1/05, Etienne Ledoux <[EMAIL PROTECTED]> wrote: > ok, I guess this means there is no solution for this problem yet ? > I'll have to wait a bit ? > > > e. > > > On 11/1/05, Bill Marquette <[EMAIL PROTECTED]> wrote: > > On 11/1/05, alan walters <[EMAIL PROTECTED]> wrote: > > > [alan walters] > > > I have been thinking about this a lot recently. I was wondering if rules > > > for squid ftp proxy ipsec extra. Could be added to the xml file. At > > > least this way the user has some control over what to do with them. > > > > > > I thought the best way to display these would be under there relative > > > interface setting and grouped by the anchor points defined in pf. > > > > > > At least this would allow for a bit more transperancyy as to what rules > > > are going on and maybe a bit more control over what services are used > > > where. > > > > > > Look forward to hearing what other users have to say in respect to this > > > issue on hidden rules in the /tmp/rules.debug file. > > > > I agree (who cares about the users when the devs - well at least one - > > agree? ;-P), the system generated rules do need to be exposed. It's > > one of the items on my "Enterprise readiness TODO" list. Currently > > those rules are tied pretty heavily into the rules.debug generation, > > but I've got some ideas on the "best" way to move them out. > > > > I'm actually finding this somewhat refreshing, with the user levels, > > multi-user, and hidden rules discussions, it sounds like we're nearly > > at a point where SOHO is usable and we've peaked enough interest to > > consider it in an enterprise. > > > > --Bill > > > >
