On Thu, 2006-11-30 at 16:00 +0000, Karl O. Pinc wrote: > of 2 firewalls that do not have identical > This is a pain. > (OTOH, _duplicating_ pf.conf ie easy with rsync.) > What would be the right way to use that description to > establish appropriate pf macros to abstract those interfaces? > Anybody else have any ideas?
Use interface groups, not descriptions or macros, then use them in place of interface names everywhere. ifconfig fxp0 mygroup pass in on mygroup from any to ... ciao Luca
