pf.conf for variable interfaces
Derek Buttineau
derek at csolve.net
Fri Feb 8 14:03:52 UTC 2008
On 2008-Feb-08, at 8:38 AM, Chad Perrin wrote:
> I'm setting up PF on a FreeBSD laptop that sometimes uses the wireless
> device (iwi0) as its external interface, and sometimes uses the RJ-45
> ethernet device (bge0) as its external interface. Unfortunately, I
> haven't figured out yet how to make that happen.
>
> I'd like to be able to have the $ext_if value change depending on
> which
> interface is active and being used to connect to the outside world.
> Do I
> just need to create two full sets of rules in my pf.conf (or use a
> script
> to rewrite that file from scratch each time), even though I'll be
> using
> exactly the same rules for PF regardless of which interface I'm
> using, or
> is there some simple way to avoid that sort of redundancy? What am I
> overlooking?
>
You can add a macro that will apply rules to both interfaces
simultaneously. i.e.
lan_if = "bge0"
wi_if = "iwi0"
ext_if = "{" lan_if wi_if "}"
block in on $ext_if all
I know it's not dynamically updating but should suffice.
--
Regards,
Derek Buttineau
Internet Systems Developer
Compu-SOLVE Internet Services
Compu-SOLVE Technologies, Inc
Phone: 705-725-1212 x255
E-Mail: derek at csolve.net
More information about the freebsd-questions
mailing list