* Andres Perera <andre...@zoho.com> [2012-07-04 17:42]:
> out of curiosity, how would you make pf(4) only handle rules
> pertaining to a certain anchor depending on the process that's
> interfacing with them? i ask because; e.g., pfctl -sr should only
> show rules for that client, and other pf(4) operations need to be
> equally restricted. i know that originally you said that the loading
> of the rules is not up to the client but a periodic batch job, however
> that does not match "CheckPoint VSX"

geez, don't act so helpless, this is unix after all. write yourself a
little wrapper that, depending on the caller/source, enforces a
pfctl -a anchorinquestion ...

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
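
One way to build the wrapper suggested in the reply above, as an added example that is not part of the thread or anyone's posted code. The account names, anchor names, the `/etc/pf.tenants/` path and the `pfctl-tenant` name are assumptions; tenants are assumed to reach it only through doas or sudo.

```sh
#!/bin/sh
# Added example, not code from the thread. Tenants run this through
# doas/sudo and have no other way to invoke pfctl.

# Constructed caller -> anchor map (hypothetical account and anchor names).
anchor_for() {
    case "$1" in
        alice) echo "tenants/alice" ;;
        bob)   echo "tenants/bob" ;;
        *)     return 1 ;;
    esac
}

# Print the pfctl arguments for one whitelisted operation, or fail.
# The anchor comes from the caller's identity, never from caller input.
pfctl_args_for() {
    caller=$1
    op=$2
    anchor=$(anchor_for "$caller") || {
        echo "pfctl-tenant: no anchor assigned to '$caller'" >&2
        return 1
    }
    # Fixed per-tenant ruleset file (hypothetical path); no caller-supplied paths.
    conf="/etc/pf.tenants/$caller.conf"
    case "$op" in
        show-rules) echo "-a $anchor -s rules" ;;
        check)      echo "-a $anchor -n -f $conf" ;;
        load)       echo "-a $anchor -f $conf" ;;
        *)
            echo "pfctl-tenant: operation '$op' not permitted" >&2
            return 2
            ;;
    esac
}

# Entry point: doas sets DOAS_USER and sudo sets SUDO_USER to the invoker.
if [ $# -gt 0 ]; then
    caller=${DOAS_USER:-${SUDO_USER:-}}
    [ -n "$caller" ] || { echo "pfctl-tenant: run via doas or sudo" >&2; exit 1; }
    [ $# -eq 1 ] || { echo "usage: pfctl-tenant show-rules|check|load" >&2; exit 64; }
    args=$(pfctl_args_for "$caller" "$1") || exit $?
    # Word splitting is intended: every word comes from the fixed tables above.
    exec pfctl $args
fi
```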