On Mon, Dec 21, 2020 at 07:28:54PM -0800, Sean Kamath wrote:
> > On Dec 21, 2020, at 14:24, Aham Brahmasmi wrote:
> > For the defaults, I try to explicitly write some of them sometimes. I
> > find this helpful because it is difficult for me to remember what the
> > defaults are. However, I do unde
> On Dec 21, 2020, at 14:24, Aham Brahmasmi wrote:
> For the defaults, I try to explicitly write some of them sometimes. I
> find this helpful because it is difficult for me to remember what the
> defaults are. However, I do understand that I run the risk of being
> caught unawares if the defaults
Namaste Peter,
Tusen takk for your reply.
> Sent: Saturday, December 19, 2020 at 3:32 PM
> From: "Peter Nicolai Mathias Hansteen"
> To: "misc"
> Subject: Re: pf.conf parser/lint
>
>
>
> > 19. des. 2020 kl. 14:50 skrev Aham Brahmasmi :
> >
> 19. des. 2020 kl. 14:50 skrev Aham Brahmasmi :
>>>
>>
>> Always put your interfaces into groups. Identify based upon the groups.
>
> In case there are more such simple rules of thumb, could you please
> share them?
I think that piece of advice is one of the more important ones you’re likel
Namaste Theo,
I apologize for reincarnating this thread.
> Sent: Friday, September 04, 2020 at 5:33 PM
> From: "Theo de Raadt"
> To: "Tommy Nevtelen"
> Cc: misc@openbsd.org
> Subject: Re: pf.conf parser/lint
>
> Tommy Nevtelen wrote:
>
>
> We provide over FIVE ways to identify ports without using the hardware
> driver names, but hey... this discussion is about the theory you can
> check overall behaviour of a system by ignoring the important parts.
I always put a description and group field in my hostname config so that
it allow m
Tommy Nevtelen wrote:
> On 04/09/2020 18.07, Brian Brombacher wrote:
> > Well, let’s say a Linter doesn’t exist and you can’t invest time to make
> > one. Do you have a lower environment, mirror-exact ideally, to run tests
> > on the pre-receive hook?
> >
> > It’s an interesting issue you’re t
On 04/09/2020 18.07, Brian Brombacher wrote:
Well, let’s say a Linter doesn’t exist and you can’t invest time to make one.
Do you have a lower environment, mirror-exact ideally, to run tests on the
pre-receive hook?
It’s an interesting issue you’re trying to solve ;)
I didn't say I can't inv
> On Sep 4, 2020, at 12:03 PM, Tommy Nevtelen wrote:
>
> On 04/09/2020 17.40, Brian Brombacher wrote:
On Sep 4, 2020, at 11:28 AM, Brian Brombacher wrote:
>>>
>>>
On Sep 4, 2020, at 10:51 AM, Tommy Nevtelen wrote:
Hi there misc!
Is there an external pfctl
Tommy Nevtelen wrote:
> On 04/09/2020 17.24, Brian Brombacher wrote:
> >
> >> On Sep 4, 2020, at 10:51 AM, Tommy Nevtelen wrote:
> >>
> >> Hi there misc!
> >>
> >> Is there an external pfctl linter? we have bunch pf firwalls for which we
> >> generate rules but also write some manual ones that
On 04/09/2020 17.40, Brian Brombacher wrote:
On Sep 4, 2020, at 11:28 AM, Brian Brombacher wrote:
On Sep 4, 2020, at 10:51 AM, Tommy Nevtelen wrote:
Hi there misc!
Is there an external pfctl linter? we have bunch pf firwalls for which we
generate rules but also write some manual ones tha
On 04/09/2020 17.24, Brian Brombacher wrote:
On Sep 4, 2020, at 10:51 AM, Tommy Nevtelen wrote:
Hi there misc!
Is there an external pfctl linter? we have bunch pf firwalls for which we
generate rules but also write some manual ones that get merged. Would be nice
if we could lint the rules
> On Sep 4, 2020, at 11:28 AM, Brian Brombacher wrote:
>
>
>
>> On Sep 4, 2020, at 10:51 AM, Tommy Nevtelen wrote:
>>
>> Hi there misc!
>>
>> Is there an external pfctl linter? we have bunch pf firwalls for which we
>> generate rules but also write some manual ones that get merged. Wou
> On Sep 4, 2020, at 10:51 AM, Tommy Nevtelen wrote:
>
> Hi there misc!
>
> Is there an external pfctl linter? we have bunch pf firwalls for which we
> generate rules but also write some manual ones that get merged. Would be nice
> if we could lint the rules before committed to vcs.. (yes
On Fri, Sep 4, 2020 at 10:51 AM Tommy Nevtelen wrote:
>
> Hi there misc!
>
> Is there an external pfctl linter? we have bunch pf firwalls for which
> we generate rules but also write some manual ones that get merged. Would
> be nice if we could lint the rules before committed to vcs.. (yes we
> te
Hi there misc!
Is there an external pfctl linter? we have bunch pf firwalls for which
we generate rules but also write some manual ones that get merged. Would
be nice if we could lint the rules before committed to vcs.. (yes we
test before they are applied on the machines as well but that is w
16 matches
Mail list logo