On Sat, Feb 17, 2007 at 04:24:33AM +0530, Siju George wrote: > The following mail was sent to the PF list but it bounced. Hope there > are no problems :-) > > Hi, > > I have two internet connections > > 1) Connected to "rl1" is the main one. > 2) connected to "rl2" is the backup one. > > "sk0" is connected to the LAN interface. > > to switch between the connections I use a script that will replace the > "/etc/pf.conf" with the appropriate file from below. > > 1) /etc/pf-confs/pf.conf.internet-connection-main > 2) /etc/pf-confs/pf.conf.internet-connection-bkp > > in the first file "ext_if" is "rl1" > in the second file "ext_if" is "rl2" > > the problem is now I am going to have authpf users who will > authenticate from the outside world. > > as I have to define the interfaces in the "authpf.rules" file if i put > > ext_if = "rl1" > > then as I switch to the second internet connection external interface > becomes "rl2" > > and authpf will not work unless i re write the "authpf.rules" file > also for all rules too. > > how do i solve this situation easily? >
Interface groups, especially the egress group. See also ifconfig(8). -- :wq Claudio
