I've read the authpf section of the pf FAQ, as well as authpf(8), login.conf(5), and the relevant chapters in Michael Lucas' most excellent book, but I have not seen anything that indicates how to simplify the administration of authpf rules using groups. What I'd like to do is have one authpf ruleset for employees, one for administrators, one for each client, one for vendors, etc. Obviously, I could create authpf.rules files for each of those groups, then manually copy the appropriate version of the file to /etc/authpf/users/$USER/authpf.rules when the user is created, but I wanted to make sure I wasn't missing something built in to authpf that might simplify matters.
I *am* fairly new to OpenBSD, though I am experienced with other *nixes, so if I have missed the appropriate section of the documentation, please feel free to tell me to RTFM (though pointing me to the right section would be helpful :) Regards, Chris