--As of July 5, 2008 10:43:48 PM -0400, Woodchuck is alleged to have said: > What would be wrong with just adding a pair of rules: > > block drop quick from any to 192.168.1.100 > block drop quick from 192.168.1.100 to any > > supposing .100 is the Xbox? > > Have two pf.confs and a cron job. One would also want to flush > state during the load. I dunno if this is automatic or not.
--As for the rest, it is mine. Nothing really, besides the complexity (and insecurity) of the _other_ pf.conf: The Xbox needs several ports open, both in and out, including receiving data on random ports. Using the UPnP setup you can have only those ports _actually in use_ open, and they will automatically close when the the XBox is turned off, even if it is during the 'allowed' times. (Or, actually, when they time out, but that would just be a few minutes.) Also, we haven't discussed whether the XBox has a static address: I assume you could assign one, but using UPnP you can do this (easily) with a dynamic address. There is also a side benefit: Many common chat programs will also use UPnP (or the other common protocol for the same purpose, which the daemon also supports), so this would automatically shut them down for the night as well. Anyway, I mostly wanted to mention it as an option, partly because when I went looking for a daemon to support that protocol (for a couple of other things), it took me a while to find one. Daniel T. Staal --------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. --------------------------------------------------------------- _______________________________________________ Openbsd-newbies mailing list [email protected] http://mailman.theapt.org/listinfo/openbsd-newbies
