The dynamic firewall daemon (DFD) is my project to allow a firewall API. This enables you to make rule changes in a simple, carefully controlled, easily-automated way. I've resumed work on the pf/python variant, which is called The Bridge Keeper, after the guy in Monty Python and The Holy Grail. It provides a framework for writing APIs to firewalls. Once you've done this, you can telnet (or netcat) to it and run commands that alter the rules in tightly-controlled ways. It also offers persistence, so if you reboot your box after dynamic reconfiguration, the rules are still the same.
More here: http://www.subspacefield.org/security/dfd/ List subscription link: http://lists.bitrot.info/mailman/listinfo/dfd -- Crypto ergo sum. http://www.subspacefield.org/~travis/ Truth does not fear scrutiny or competition, only lies do. If you are a spammer, please email [EMAIL PROTECTED] to get blacklisted.
