On Tue, Apr 27, 2010 at 08:46:41PM +0100, Vincent Hoffman wrote: > On 27/04/2010 20:31, John wrote: > > This seems to be working pretty well, and I'll eventually take the > > print statement out, but I'm not sure why I had to make /dev/pf > > public read/write in order to get the pfctl command to work. > > > > What is the best solution to be able to add to my spammers table > > in pf without making it public read/write? > > > It would probably make more security sense to add the user that the > script is running as to a group (say pfctl) > then make the /dev/pf device group owned by the pfctl group and group > writable. > Other options include sudo access for your scripts user to run a > specific pfctl command. >
Oh, yeah, duh! Add mailnull to a pfctl group... That makes sense. -- John Lind j...@starfire.mn.org _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"