pf.conf for variable interfaces
Chad Perrin
perrin at apotheon.com
Sat Feb 9 14:22:44 UTC 2008
On Sat, Feb 09, 2008 at 11:38:22AM +0100, Erik Norgaard wrote:
> Chad Perrin wrote:
> >>How about this:
> >>
> >>ext_ifs = "{" iwi0 bge0 "}"
> >>block in quick on ext_ifs all
> >>pass out quick on ext_ifs all keep state
> >>...
> >>
> >>
> >>As long as you don't need statements like iwi0:network which you
> >>shouldn't on an endpoint, then I guess this will work.
> >
> >Thanks. That looks like the answer I wanted. I don't know why I can't
> >find any documentation that offers an example of this. Maybe I'm losing
> >my Google mojo.
>
> how about man pages? ;-)
>
> man pf.conf is a really good reference.
Yeah, I looked through that one. I didn't read every single word, but I
spent quite a bit of time on it without finding what I was looking for.
The only thing I've found there (now that I know what the solution looks
like in advance) that might have given me a clear hint is this line:
all_ifs = "{" $ext_if lo0 "}"
. . . so thanks for the not-much-help after the fact.
--
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Baltasar Gracian: "A wise man gets more from his enemies than a fool from
his friends."
More information about the freebsd-questions
mailing list