Leonardo Carneiro - Veltrac <[email protected]> writes: > There is a way to do time-based rules on pf? Something like "this packet > will /pass/ from 10h to 13h" or "this packet will /pass/ until 22h, 13 > june". I mean, there is a built-in mechanic to do this in pf or i'll > need to write a script in cron to add and remove rules?
There is no 'time based rules' feature in PF itself, but as others have mentioned already, if you need to add or remove entire rules, you can do that via anchors. For contexts where you want to add or remove hosts from the set that matches a particular rule, you could write rules that match on table membership and manipulate the tables. Depending on your specific needs, cron or at jobs with pfctl one-liners could go a long way. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
