On Fri, Jul 17, 2009 at 11:11:22AM +0200, Holger Glaess wrote:
| You are right, but I think it is really helpful if pfctl gives a
| warning if it finds those kinds of lines, so that you can decide if this
| is a rule you want or a typo that has to be corrected.

And the next guy wants a warning when you block ssh access. Then the
next guy has yet other things he thinks his firewall should never
allow and wants to get warned when his rules do not match that. Yet
another guy wants warnings for whatever it is he doesn't want his
firewall to do.

What I think you want is `pfctl -vf /etc/pf.conf`. The -v will tell
you what rules are loaded. Should be enough warning for you. If you
can't verify your ruleset after loading it, I really think you have
bigger problems than what can be solved with a warning.

Paul 'WEiRD' de Weerd
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/