Re: Compendium of pf rules (Was: RFC#1 - chmod pf.conf )
--- Jason Houx <[EMAIL PROTECTED]> wrote:
> Daniel & pf list
>
> I like this idea { wiki } that is. Using the list
> would be fine
> but the wiki is better.
wiki works for me too. It's not so much HOW it's done
as it is THAT it's done.
Adam
__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
Re: Compendium of pf rules (Was: RFC#1 - chmod pf.conf )
--- Daniel Hartmeier <[EMAIL PROTECTED]> wrote: > So, I'm willing to contribute, but I'm not offering > to review two dozen > uncommented production rulesets all by myself :) > > Daniel I'd be more than happy to help review the rulesets but I'm pretty new to pf. Been using it about a month. Guess that's why I like the idea of seeing everybody's rulesets. :-) If anybody else is up for it though, I'd be glad to help. Adam __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Compendium of pf rules (Was: RFC#1 - chmod pf.conf )
> > i have a good idea, how about an obfuscated > pf.conf contest? > > I have a better idea. How about an unobfuscated > pf.conf contest. > Clearest ruleset style wins. I'll buy the beer. Sorry about the double post. Damn enter key! SecurityFocus did something on their mailing list a while back that was really helpful. They asked all of their users who were using IPTABLES to send in their list of rules with clear comments explaining each rules. Once it looked like everything was received, they sent out a zip files containing all the files. Any interest in something like that for pf? __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
(Was: RFC#1 - chmod pf.conf )
> > i have a good idea, how about an obfuscated > pf.conf contest? > > I have a better idea. How about an unobfuscated > pf.conf contest. > Clearest ruleset style wins. I'll buy the beer. = Adam Shephard -- Nothing exceeds like excess -- __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
(Was: RFC#1 - chmod pf.conf )
> > i have a good idea, how about an obfuscated > pf.conf contest? > > I have a better idea. How about an unobfuscated > pf.conf contest. > Clearest ruleset style wins. I'll buy the beer. = Adam Shephard -- Nothing exceeds like excess -- __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Re: dup-to
> BTW: couldn't we simplify things and accept just the > following: > > pass in log on $ext_if dup-to 10.1.2.3 all > Wouldn't you just define dmz_if as 10.1.2.3? i.e. dmz_if=10.1.2.3 Then use pass in log on $ext_if dup-to $dmz_if all = Adam Shephard -- Nothing exceeds like excess -- __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
