Travis H. wrote:
If you wish to take advantage of this, you can model your script after
static_example.py --- it is not necessary to use the whole twisted
run-time event loop if you just want a static config file.
For the code, see the URL in my sig and look for "Dynamic Firewall Daemon".
Uh well, the whole point is not to use any scripts. DFD doesn't solve
any problem I'm having, it'd rather make my already over-engineered
pf.conf completely incomprehensible (if you want to know what I'm doing,
drop me a line and I'll mail you my pf.conf.)
When I wrote the one or other hellish iptables script, i always made it
so that i get a configuration file in the end where I, for example, test
if a variable is empty and iterate through its white-space separated
contents in a for loop, generating some rules in some silly chain. With
pf, these cludges are not necessary. The only thing that I cannot yet do
with pf is completely configure these kind of things through macros --
curly-bracket-lists must have content. I can't pre-configure and then
adjust as necessary all the way. Hence my (low-priority) feature request.
Moritz
P.S.: Gmail is doing weird stuff (retry every 24h or so) and doesn't get
past my spamd (greylisting+spews configured with all-defaults). Use my
gtgbr at gmx dot net address if you want to mail me directly.