I nearly forgot all about that feature thank you for the reminder. -- Jason Hellenthal Voice: 95.30.17.6/616 JJH48-ARIN
> On Mar 10, 2014, at 10:20, Ermal Luçi <e...@freebsd.org> wrote: > > Usually pf(4) does support having dynamic ips inside its ruleset. > For example just putting the interface name as address or putting $iface:0 > for first address etc... > > Take a look an man page of pf.conf and search for the string 'Interface names > and interface group names can' > > >> On Sun, Mar 9, 2014 at 11:27 PM, Jason Hellenthal <jhellent...@dataix.net> >> wrote: >> You'll want to not use up addresses in your pf.conf >> >> Block on default and then open up by definition of ports instead. Forget the >> whole IPAddr thing and treat this as a roaming client firewall. >> >> >> -- >> Jason Hellenthal >> Voice: 95.30.17.6/616 >> JJH48-ARIN >> >> > On Mar 9, 2014, at 19:18, John-Mark Gurney <j...@funkthat.com> wrote: >> > >> > Joe Nosay wrote this message on Sun, Mar 09, 2014 at 15:36 -0400: >> >> 2. How do I compensate for the use of public access points when the IP >> >> addresses will always be different? >> > >> > it doesn't appear that pf has this ability, but it looks like ipfw >> > has this, from ipfw(8): >> > me matches any IP address configured on an interface in >> > the >> > system. >> > >> > So, maybe switching to ipfw might be an option.. >> > >> > -- >> > John-Mark Gurney Voice: +1 415 225 5579 >> > >> > "All that I will do, has been done, All that I have, has not." >> > _______________________________________________ >> > freebsd-net@freebsd.org mailing list >> > http://lists.freebsd.org/mailman/listinfo/freebsd-net >> > To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" > > > > -- > Ermal
smime.p7s
Description: S/MIME cryptographic signature
