i would concur that anchors are cleaner than redefining macros, but they do require rewriting rules
On Thu, Dec 8, 2011 at 7:23 AM, Bret S. Lambert <[email protected]> wrote: > Take a look at pf anchors. > > On Thu, Dec 08, 2011 at 10:21:14PM +1100, John Tate wrote: >> Is there a way to control ports on a filter from the command line? I guess >> I just have manually adding and deleting rules. >> >> On Thu, Dec 8, 2011 at 10:19 PM, Andres Perera <[email protected]> wrote: >> >> > the documentation is pretty clear by saying that tables can only hold >> > addresses, not a random set of numbers >> > >> > On Thu, Dec 8, 2011 at 6:41 AM, John Tate <[email protected]> wrote: >> > > Misc, >> > > >> > > I have sucessfully got an OpenBSD machine to connect via ADSL and forward >> > > packets, I am gradually upgrading my pf.conf. I am having trouble with >> > this >> > > configuration (ignore some obvious bugs related to table names where >> > tables >> > > are defined and the rules I have seen them). >> > > >> > > At the moment I am working on doing some things as tables. I want tables >> > to >> > > hold the ports, but it appears perhaps they can only hold IP addresses. >> > The >> > > following tables do not work from line 10-11... >> > > >> > > table <etcpserv> { 22 } >> > > table <itcpserv> { 22, 53 } >> > > >> > > The whole thing is here: http://pastebin.com/VuLNW9Ph >> > > >> > > John Tate >> > > >> > > -- >> > > www.johntate.org >> > > >> > >> >> >> >> -- >> www.johntate.org
