I've been working on the pf configuration for my home firewall,
including setting up ftp-proxy. I've noticed that the command is
getting cluttered with options to adjust the rules it creates to the
needs of different pf configurations. Has any thought been given to
allowing arbitrary nat, rdr and pass rules to be specified in a
configuration file (in the same syntax as for pf.conf) with macros
defined for the server, client and proxy addresses (as in the examples;
also, perhaps, a few other macros -- such as for the interfaces through
which the client and server are reachable)?
I'm not asking (let alone demanding) that anyone implement this, but
would like to know if it's been considered and rejected for some
reason, is on someone's to-do list, has never been thought about, or
whatever. It seems to me to be a good way both to avoid needing more
and more options to tweak the generated rules and to avoid the delay
involved in modifying the program whenever someone comes up with a new
need.
Thanks in advance for any info,
Dave
--
Dave Anderson
<[EMAIL PROTECTED]>
