Hi all, I have a box which is set up as follows:
fxp0 and fxp1 are the internal networks fxp2, fxp3 and fxp4 are connected to 3 different external networks for redundancy... Each time I add a rule I need to add for fxp2 and fxp3 as follows: pass in quick on fxp2 proto tcp from any to x.x.x.x/24 port = 80 flags S/SA keep state pass in quick on fxp3 proto tcp from any to x.x.x.x/24 port = 80 flags S/SA keep state pass in quick on fxp4 proto tcp from any to x.x.x.x/24 port = 80 flags S/SA keep state Is it possible for ip filter to have a virtual interface such as vir0 which will cover the real interfaces, thereby ip filter having one rule to replace 3? Eg: pass in quick on vir0 proto tcp from any to x.x.x.x/24 port = 80 flags S/SA keep state TIA, Cheers Tristan
