A problem that seems to come up over and over again with egress filtering firewalls are sites that move IPs so the names need to be resolved periodically and rules updated.
I recently migrated to using pf and was wondering if anyone had suggestions for how they tackle this problem. I realize I could create cron jobs with scripts to do this, but was curious if there was a better way. I'd eventually like to track changes and log them as well. Cheers, Austin
