On 6 apr 2006, at 16:48, Daniel Hartmeier wrote:
> So, I consider this a sufficiently elegant (existing!) solution, the
> only annoying thing is that you have to manually enumerate all IPs
> within the netblock.
Where 'manual' is relative. I wrote a util to do that and other
common operations on lists of IP addresses.
It's called 'tableutil' and can be found at
http://expiretable.fnord.se/#tableutil
Perhaps something like
cat yourfile | tableutil -c 'save(single, stdout, load(text, stdin));'
or simply
tableutil -c 'save(single, "expanded_list", load(text, "yourfile"));'
would do the trick?
Combine with a statement to load the table from a file in your pf.conf.
"yourfile" would contain the addresses in any combination of the
following formats:
1.2.2.0-1.2.3.0
1.2.2.0/23
host1.domain.tld
1.4.5.6
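
What expanding such a list to single addresses amounts to, as an added Python sketch (not tableutil's code and not part of the original message): it takes the four input formats listed above and returns one address per entry, de-duplicated. It handles IPv4 only; the `resolve` callback, the size cap and the sample hostname mapping are assumptions of this example.

```python
import ipaddress

MAX_EXPANSION = 65536  # assumed safety cap so a stray /8 cannot flood the table

def _check_size(count, entry):
    if count > MAX_EXPANSION:
        raise ValueError(f"{entry!r} expands to {count} addresses, over the cap")

def expand_entry(entry, resolve=None):
    """Return every IPv4 address covered by one entry of the input list."""
    entry = entry.strip()
    first, sep, last = entry.partition("-")
    if sep:
        try:
            lo = int(ipaddress.IPv4Address(first.strip()))
            hi = int(ipaddress.IPv4Address(last.strip()))
        except ValueError:
            pass  # not an address range, e.g. a hostname containing a hyphen
        else:
            if lo > hi:
                raise ValueError(f"reversed range: {entry!r}")
            _check_size(hi - lo + 1, entry)
            return [ipaddress.IPv4Address(n) for n in range(lo, hi + 1)]
    try:
        net = ipaddress.IPv4Network(entry, strict=False)  # also matches a bare IP (/32)
    except ValueError:
        if resolve is None:
            raise ValueError(f"{entry!r} is a hostname and no resolver was given")
        return [ipaddress.IPv4Address(a) for a in resolve(entry)]
    _check_size(net.num_addresses, entry)
    return list(net)  # network and broadcast addresses included

def expand_list(lines, resolve=None):
    """Expand all entries, drop duplicates, return sorted dotted-quad strings."""
    seen = set()
    for line in lines:
        if line.strip():
            seen.update(expand_entry(line, resolve))
    return [str(a) for a in sorted(seen)]

# The four formats from the message; the hostname's address is constructed.
SAMPLE = ["1.2.2.0-1.2.3.0", "1.2.2.0/23", "host1.domain.tld", "1.4.5.6"]
FAKE_DNS = {"host1.domain.tld": ["192.0.2.10"]}

if __name__ == "__main__":
    print("\n".join(expand_list(SAMPLE, FAKE_DNS.__getitem__)))
```

The range and the /23 in the sample overlap, so the de-duplication matters: the range is fully contained in the /23.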