You can write a script to automatically generate your rules file
similar to the one recently announced on deadly.org:

http://www.deadly.org/article.php3?sid=20020919022924

Another approach is to modify authpf to add/remove rules based on
your requirements.

Finally, I have been working on a way to add temporary rules to pf.
It works by inserting a rule template to pf.conf and later,
dynamically specifying rule parameters (src/dest host/port etc.).
These specific instances expire based on time and/or activation count.

The advantage is that the programming interface is much simpler than
the authpf way of adding/removing rules; furthermore, they expire automatically.
You don't need a cron job to remove them later.

The disadvantage is that, for normal (non nat/rdr) rules, you can
almost always come up with other ways of achieving similar results
like the two alternatives I have already given above ;)

Can

On Mon, Oct 14, 2002 at 01:08:40PM -0500, Matthew Sweet wrote:
> Hello,
> 
>    Sorry to bother everyone with this minuscule question. I am trying to
> figure out how to add temporary rules to pass traffic for a particular
> service?
> 
>    What I am trying to do is set up a test ftp server for Internet
> customers to use on a controlled basis. A tech would run a command (via
> sudo running from a menu-driven script) and enable temporarily the IP
> address the customer resides on to test. The IP would stay open for x
> hours. I would then have a cron job reset the firewall rulesets to the
> default on a preset time.
> 
>    Any suggestions would be appreciated.
> 
> Thanks,
> 
> Matt
> 
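
Added example, not part of the original thread and not code from pf or authpf: a sketch of the first suggestion above (a script that generates the rules file) for the temporary FTP access described in the quoted question. The lease-file format ("<ipv4> <expiry-epoch>" per line), the function names and the `$ext_if` / `$ftp_server` macros are assumptions, and only the FTP control port is opened.

```shell
#!/bin/sh
# Hypothetical lease file: one "<ipv4> <expiry-epoch>" per line, '#' for comments.
# The file is written by a menu script run through sudo, so every field is
# validated before it is allowed into a pf rule.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1            # safe to split: only digits and dots remain
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_rules LEASEFILE NOW: print one pass rule per lease that has not expired.
# Expired, malformed or over-long lines produce no rule at all.
gen_rules() {
    leases=$1
    now=$2
    while read -r ip expiry rest; do
        case "$ip" in ""|\#*) continue ;; esac
        [ -z "$rest" ] || continue
        valid_ipv4 "$ip" || { echo "skipping bad address: $ip" >&2; continue; }
        case "$expiry" in ""|*[!0-9]*) continue ;; esac
        [ "$expiry" -gt "$now" ] || continue
        # $ext_if and $ftp_server are pf macros assumed to be defined in the
        # static part of the rules file this output is appended to.
        echo "pass in quick on \$ext_if proto tcp from $ip to \$ftp_server port 21 keep state"
    done < "$leases"
}

# Stand-alone use: gen-leases.sh /path/to/leasefile
if [ "$#" -eq 1 ]; then
    gen_rules "$1" "$(date +%s)"
fi
```

Re-running the generator from cron and reloading the combined rules file drops expired entries without anyone editing rules by hand.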
