On Wed, 10.01.2007, 14:18, Johan Segernäs wrote:
> I have several networks in different IP nets and different incoming
> interfaces. I would like to make this a loop or something instead of, as
> it is now, different blocks.
>
> Today it looks like (very stripped down)
> pass in on $FOO_NET inet from $FOO_IPS to any keep state
> pass in on $BAR_NET inet from $BAR_IPS to any keep state
>
> Instead I would like to do it like
> for i in FOO BAR; do
>   pass in on ${i}_NET inet from ${i}_IPS to any keep state
> done
>
> Or something. Is this possible within pf.conf or would I have to make a
> shell loop creating this little extra pf config file and include in
> pf.conf?

"pfctl -f-" is your friend. There are a million tools out there that are
simply made to do stuff like this, just feed the output to pfctl. Also
take a look at:
http://blog.xbsd.org/2006/11/04/freebsdpf-include-command-hack/

-- 
/"\  Best regards,                      | [EMAIL PROTECTED]
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | [EMAIL PROTECTED]
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
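
The shell-loop approach discussed in this thread, as an added example that is not part of the original mails: a generator that emits one pass rule per network name and refuses any name that is not a plain macro prefix, so nothing unexpected reaches the ruleset text. The function name `gen_pass_rules` is hypothetical, and the usage comment assumes the `FOO_NET`/`FOO_IPS` style macros are defined in `/etc/pf.conf`.

```shell
#!/bin/sh
# Added example: generate pf pass rules for a list of network names.
# Each NAME refers to the pf macros NAME_NET (interface) and NAME_IPS
# (source addresses); those macros must be defined in the ruleset text
# that is fed to pfctl together with this output.

# gen_pass_rules NAME...
# Prints the rules on stdout. Returns 1 and prints no rules if any name
# contains characters other than letters, digits and underscore.
gen_pass_rules() {
    # Validate every name first so a bad one yields no partial output.
    for name in "$@"; do
        case "$name" in
            ''|*[!A-Za-z0-9_]*)
                echo "gen_pass_rules: bad network name: $name" >&2
                return 1 ;;
        esac
    done
    # Single quotes keep the '$' literal: pf expands the macro, not sh.
    for name in "$@"; do
        printf 'pass in on $%s_NET inet from $%s_IPS to any keep state\n' \
            "$name" "$name"
    done
}

# Usage (assumption: macros live in /etc/pf.conf). Parse only with -n
# first, then load; "-f -" reads the complete ruleset from stdin:
#   { cat /etc/pf.conf; gen_pass_rules FOO BAR; } | pfctl -nf - &&
#   { cat /etc/pf.conf; gen_pass_rules FOO BAR; } | pfctl -f -
```

Because `pfctl -f` replaces the loaded ruleset, the generated lines are concatenated with the full pf.conf rather than fed on their own.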