Usually pf(4) does support having dynamic ips inside its ruleset. For example just putting the interface name as address or putting $iface:0 for first address etc...
Take a look an man page of pf.conf and search for the string 'Interface names and interface group names can' On Sun, Mar 9, 2014 at 11:27 PM, Jason Hellenthal <jhellent...@dataix.net>wrote: > You'll want to not use up addresses in your pf.conf > > Block on default and then open up by definition of ports instead. Forget > the whole IPAddr thing and treat this as a roaming client firewall. > > > -- > Jason Hellenthal > Voice: 95.30.17.6/616 > JJH48-ARIN > > > On Mar 9, 2014, at 19:18, John-Mark Gurney <j...@funkthat.com> wrote: > > > > Joe Nosay wrote this message on Sun, Mar 09, 2014 at 15:36 -0400: > >> 2. How do I compensate for the use of public access points when the IP > >> addresses will always be different? > > > > it doesn't appear that pf has this ability, but it looks like ipfw > > has this, from ipfw(8): > > me matches any IP address configured on an interface in > the > > system. > > > > So, maybe switching to ipfw might be an option.. > > > > -- > > John-Mark Gurney Voice: +1 415 225 5579 > > > > "All that I will do, has been done, All that I have, has not." > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" > -- Ermal _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
