mayur...@acm.org (Mayuresh) writes: >Thanks. Here the IP to whitelist is dynamic. I can arrange to put it in a >file, but it may change and the file will be modified accordingly. What's >a good way out to handle this?
If you can store the whitelist in a file, you can define a file-based npf table and reload the npf configuration or you can run npfctl to inject/remove a rule when the whitelist changes. The latter is more complicated since you need to remember the rule-id for removal.
