On Fri, Feb 15, 2013 at 8:42 PM, Theo de Raadt <dera...@cvs.openbsd.org>wrote:
> > I was wondering why nobody has ever created a shell for pf so that you > > could manipulate it in a way similar to JunOS instead of editing > > pf.conf. Also show / monitor commands. Hierarchical edit mode, stuff > > like that. > > Because pf does not follow the configuration model of a switch or > router, or other such device, which have much simpler configuration. > > pf is capable of doing things *much much more complex*. > > If you spent 1 hour trying to build what you wonder about, rather than > writing such a mail, you would begin to understand the problem. > > and pfctl do a lot -- --------------------------------------------------------------------------------------------------------------------- () ascii ribbon campaign - against html e-mail /\
