On Wed, Nov 10, 2010 at 01:45:16PM +0100, Tor Houghton wrote: > May I ask whether or not "per user" ownership (or permission to update) a > table is/will be possible? > > I am pondering the best mechanism for a non-root process to add/remove > addresses to a table.
You can look at sysutils/tabled in ports, which provides this functionality (permissions would be controlled by the filesystem permissions on the fifo) I don't think we'll be making /dev/pf accessible by non-root processes any time soon.