We can do that. We'll have to come up with some hook for the packages so that if three packages need to use anchors, the "echo anchor pkg1 | pfctl -a "package-anchor" -f -" doesn't overwrite existing anchors in the package-anchor anchor. Should be pretty easy to add.
in the meantime we do have some unused anchors: nat-anchor "natearly/*" nat-anchor "natrules/*" anchor "firewallrules" I don't see any rdr-anchor unfortunately. --Bill On 6/2/06, Rajkumar S <[EMAIL PROTECTED]> wrote:
Scott Ullrich wrote: > Take a look at /etc/inc/filter.inc. Search for squid. It should be > pretty obvious once you see how we hook that in. Thanks! I went through the code and have a small question. Suppose if I turn transparency off in the squid web interface, does this rule gets deleted automatically ? Also, rather than having the filter.inc hacked for each package, can pfsense core provide 4 (?) anchors for anchor, binat, nat and rdr, so that packages themselves can create subanchor inside them and manage the rules? I would hack the code to include some thing like $natrules .= "anchor package-anchor/*" $natrules .= "anchor package-rdr-anchor/*" $natrules .= "anchor package-nat-anchor/*" $natrules .= "anchor package-binat-anchor/*" and from my package, I will add an anchor for havp inside package-rdr-anchor and add/delete my rules in them. I am not an *that* familiar with pf, so I am not sure if this will work as intended. raj --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
