This could be done with a shell script - get the script to parse
/var/db/dhcpd.leases, get the IP addresses that are leased out to
clients, and use pfctl to add them to a table that is associated
with a pass rule,
i.e. (this is totally off the top of my head and may be wrong):
    # Add the address from every "lease <ip> {" line to the pf table
    awk '$1 == "lease" { print $2 }' /var/db/dhcpd.leases | while read -r a; do
        pfctl -a foo:bar -t mytable -T add "$a"
    done
or something like that...
Dan
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed White
Sent: 06 January 2004 18:09
To: [EMAIL PROTECTED]
Subject: dhcpd & authpf
Hi,
I would like to know if anyone has ever thought of modifying dhcpd to talk
with PF. The idea is similar to authpf behaviour: activating some rules when
a client gets the IP.
This should make it possible to know which internal IPs are active and can
pass across the gateway (maybe NAT to internet) without accepting by default
every internal IP going out.
Thanks.
Ed
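The lease-file approach from the reply at the top, as an added example that is not code from either poster: dhcpd.leases is an append-only log, so taking every lease line also admits addresses whose lease has expired, been released early, or been marked abandoned. The sketch below keeps only the latest entry per address and checks its end time. The names active_leases and sample_leases are hypothetical, the sample data is constructed, and it assumes ISC-style entries with UTC "ends" lines and a pfctl that reads the address list from standard input with "-f -".

```shell
# Added example. Print IPs whose latest lease entry is still valid at NOW
# ("YYYY/MM/DD HH:MM:SS" in UTC, the form used on the "ends" lines).
active_leases() {   # usage: active_leases LEASE_FILE NOW
    awk -v now="$2" '
    function valid_ip(s,    o, i) {
        if (split(s, o, ".") != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
        return 1
    }
    $1 == "lease" && $3 == "{" { ip = $2; ends = ""; bad = !valid_ip(ip); next }
    ip != "" && $1 == "ends" {
        ends = ($2 == "never;") ? "never" : ($3 " " substr($4, 1, 8))
    }
    ip != "" && $1 == "abandoned;" { bad = 1 }
    ip != "" && $1 == "}" {
        # A later entry for the same IP overrides earlier ones.
        live[ip] = (!bad && (ends == "never" || ends > now)); ip = ""
    }
    END { for (a in live) if (live[a]) print a }
    ' "$1" | sort
}

# Constructed sample, trimmed to the lines the parser reads.
sample_leases() {
    cat <<'EOF'
lease 192.168.1.10 {
  ends 2 2004/01/06 18:00:00;
}
lease 192.168.1.11 {
  ends 2 2004/01/06 20:30:00;
}
lease 192.168.1.12 {
  ends 2 2004/01/06 21:00:00;
  abandoned;
}
lease 192.168.1.10 {
  ends 2 2004/01/06 22:00:00;
}
lease 192.168.1.11 {
  ends 2 2004/01/06 18:45:00;
}
EOF
}

# On the gateway (pfctl invocation as in the reply, with replace instead of add):
# active_leases /var/db/dhcpd.leases "$(date -u '+%Y/%m/%d %H:%M:%S')" |
#     pfctl -a foo:bar -t mytable -T replace -f -
```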