Roy Morris wrote:
I would like to be able to add/remove a rule from the command line on those systems which may have only a RAM drive and/or a read-only pf.conf. Anyone know how to do it, or would you need to create a new pf.conf in memory someplace and then load it?
Maybe using anchors is the way to go? Otherwise you can load rules from stdin, so maybe something like

    { grep -v 'regexp that matches rule(s) to remove' < /etc/pf.conf; \
      echo "Rules to add\nAnother rule to add"; } | pfctl -ef -

would work?

/Alexander
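The stdin approach from the reply above, as an added example that is not part of the thread: it builds the candidate ruleset in memory, parse-checks it with `pfctl -n`, and only then loads it, so a bad edit cannot replace the live rules. The function names `build_ruleset` and `load_ruleset` are hypothetical, and it assumes pf is already enabled (hence no `-e`).

```shell
#!/bin/sh
# Added example; build_ruleset and load_ruleset are hypothetical helper names.

# build_ruleset BASE_FILE REMOVE_REGEX [RULE ...]
# Print BASE_FILE without the lines matching REMOVE_REGEX, then each RULE.
build_ruleset() {
    base=$1
    remove_re=$2
    shift 2
    [ -r "$base" ] || { echo "cannot read $base" >&2; return 1; }
    # grep exits 1 when every line was filtered out; only >1 is a real error.
    grep -v -e "$remove_re" -- "$base" || [ $? -eq 1 ] || return 1
    # printf writes one rule per line without relying on echo's "\n" handling.
    [ $# -eq 0 ] || printf '%s\n' "$@"
}

# load_ruleset: read a ruleset on stdin and load it only if it parses.
# Nothing is written to disk, so a read-only /etc is not a problem.
load_ruleset() {
    candidate=$(cat)
    # -n parses the rules without loading them.
    printf '%s\n' "$candidate" | pfctl -nf - || return 1
    printf '%s\n' "$candidate" | pfctl -f -
}

# Typical use (run as root):
#   build_ruleset /etc/pf.conf 'port 8080' 'pass in proto tcp to port 443' \
#       | load_ruleset
```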