On Thu, 24 Jul 2008 00:00:09 +0200 Henning Brauer <[EMAIL PROTECTED]> wrote:
> * Duncan Patton a Campbell <[EMAIL PROTECTED]> [2008-07-23 21:28]: > > Howdy List? > > > > According to the man page on pfctl > > > > " > > -m Merge in explicitly given options without resetting those which > ^^^^^^^ > > are omitted. Allows single options to be modified without dis- > > turbing the others: > > > > # echo "set loginterface fxp0" | pfctl -mf - > > " > > > > using the -m parm should allow allow a rule to be merged into the current > > set, > ^^^^ Ok, so I go echo 'pass out on vr0 proto esp all keep state' | pfctl -mf - pfctl -a '*' -sr pass out on vr0 proto esp all keep state so all my previous rules are still gone. And echo 'pass out on vr0 proto esp all keep state' | pfctl -mf /etc/pf/pf.conf pfctl -a '*' -sr pass out on vr0 proto esp all keep state which means that the file load is done over top of the echo input and erases it. Dhu > > option != rule > > -- > Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] > BS Web Services, http://bsws.de > Full-Service ISP - Secure Hosting, Mail and DNS Services > Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
