> > You wouldn't complain if you put a 'rm -f /' at the end of
> > /etc/rc.local, now would you ? You won't get a warning for it either.
>
> that can be fixed.
>
> Index: rm.c
> ===
> RCS file: /cvs/src/bin/rm/rm.c,v
> retrieving rev
On 2009-07-17, Paul de Weerd wrote:
>
> You wouldn't complain if you put a 'rm -f /' at the end of
> /etc/rc.local, now would you ? You won't get a warning for it either.
that can be fixed.
Index: rm.c
===
RCS file: /cvs/src/bin/rm/
Holger, we should adhere to KISS principle.
So, pf rulesets are fine like they are if they are working as expected,
and this is our case. If you're missing some warning feature maybe you
would try to write an aux app -` la lint for C- that could parse a
pf.conf and look for suspect behaviour.
On Fri, Jul 17, 2009 at 11:11:22AM +0200, Holger Glaess wrote:
| you are right but i think it is really helpful if pfctl give an
| warning if he found those kind of line that you can decide if this
| rule to want or a miss typo that have to be correct.
And the next guy wants a warning when you blo
> On Fri, Jul 17, 2009 at 10:35:03AM +0200, Holger Glaess wrote:
> | sorry ... for my bad ugly english i have less practice .
> |
> |
> | i talk about from a line with just "pass" nothing else.
> |
> |
> | example.
> |
> | pf.conf -
> |
> |
> | block in on wan all
> | block out on wan
On Fri, Jul 17, 2009 at 10:35:03AM +0200, Holger Glaess wrote:
| sorry ... for my bad ugly english i have less practice .
|
|
| i talk about from a line with just "pass" nothing else.
|
|
| example.
|
| pf.conf -
|
|
| block in on wan all
| block out on wan all
|
| # correct li
> On Fri, Jul 17, 2009 at 09:59:51AM +0200, Holger Glaess wrote:
>
>> hi
>>
>> as an result of missconfiguration i found a line
>> with just an "pass".
>>
>> why did not detect the pfctl syntax parser a single lonely pass ?
>>
>> is this commando first valid if they have options , parameter like
>>
On Fri, Jul 17, 2009 at 09:59:51AM +0200, Holger Glaess wrote:
| hi
|
| as an result of missconfiguration i found a line
| with just an "pass".
|
| why did not detect the pfctl syntax parser a single lonely pass ?
|
| is this commando first valid if they have options , parameter like
| on interf
On Fri, Jul 17, 2009 at 09:59:51AM +0200, Holger Glaess wrote:
> hi
>
> as an result of missconfiguration i found a line
> with just an "pass".
>
> why did not detect the pfctl syntax parser a single lonely pass ?
>
> is this commando first valid if they have options , parameter like
> on inter
On 2009-07-17, Holger Glaess wrote:
> hi
>
> as an result of missconfiguration i found a line
> with just an "pass".
>
> why did not detect the pfctl syntax parser a single lonely pass ?
>
> is this commando first valid if they have options , parameter like
> on interface from a to b ?
>
>
> in my
hi
as an result of missconfiguration i found a line
with just an "pass".
why did not detect the pfctl syntax parser a single lonely pass ?
is this commando first valid if they have options , parameter like
on interface from a to b ?
in my mind the parser have to bring at least a warning it kil
11 matches
Mail list logo
