Sergey Prisyazhniy <[EMAIL PROTECTED]> writes: > how can I automaticaly initialize pf rules without making subj > interfaces specification in /etc/pf.conf by hands?
If your rules do not specifically need to be bound to any particular interface, you can write such things as block all pass from self to any keep state or pass from 10.12.14.0/24 to any port ssh keep state it's extremely flexible really. The reason you see interface name macros so often is that people tend to find them useful, but you can do without them entirely if you like, I suppose. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
