: http://www.wolfermann.org/pftabled.html
Download: http://www.wolfermann.org/pftabled-1.04.tar.gz
Regards,
Armin Wolfermann
* Russell Fulton [EMAIL PROTECTED] [10.03.2004 05:10]:
In mid January I asked if anyone had written a daemon to allow one to
modify pf tables from another system (eg an authentication system where
people are logging in). Someone replied off list and now I that I
really need the
* Ed White [EMAIL PROTECTED] [19.01.2004 16:14]:
I would like to know if there is any plan to limit the number of bytes
a TCP connection can transfer. The idea is to drop/close the
connection after $SIZE bytes have been transferred.
This is a first cut at this idea. It implements a per-state
* Russell Fulton [EMAIL PROTECTED] [15.01.2004 05:00]:
We are also looking at moving many of our 'standard' machines to dynamic
table whereby they will have to log in to a 'service' which will open up
their access through the firewall and inform our traffic meter which
user is on the
.
Server example:
# pftabled -d -p spamd
Client example:
$ pftabled-client fw.example.com add 1.2.3.4
Homepage: http://www.wolfermann.org/pftabled.html
Download: http://www.wolfermann.org/pftabled-1.01.tar.gz
Regards,
Armin Wolfermann
* Peter Gorsuch [EMAIL PROTECTED] [08.03.2003 00:01]:
pass in inet proto { tcp, udp } from any to any port 5899 5911 keep state
pass out inet proto { tcp, udp } from any to any port 5899 5911 keep
state
pass in inet proto { tcp, udp } from any to any port 5799 5811 keep state
pass out inet
Hi,
the pf.conf(5) man page states Macros are not expanded recursively.
Luckily this is not always true:
% cat pf.conf
host1 = 1.1.1.1
host2 = 2.2.2.2
host3 = 3.3.3.3
hostgroup = $host1 $host2 $host3
pass in on rl0 from any to { $hostgroup }
% pfctl -vvnf pf.conf
host1 = 1.1.1.1
host2 =