inclusion of subconfig files like on openbsd

Damien Fleuriot ml at my.gd
Fri Dec 17 11:22:01 UTC 2010


Hello list,



I apologize if the question has been asked already but I couldn't find
it in the ML archives nor in the FreeBSD9 roadmap.

I was wondering if there are plans to mimic OpenBSD's mechanism which
lets one include a subconfig file from the main pf.conf file.

As in:

include "/etc/pf/interface_defs"
include "/etc/pf/table_defs"
include "/etc/pf/timeout_defs"
...
and so on.


What are your views on this feature ?

We're highly interested in it here, it would allow us much more flexibility.

I know we can sort of achieve the same result with anchors for the
rules and nat/rdr, but these are much less practical.



Regards,

--
Damien


More information about the freebsd-pf mailing list