Setup: OpenBSD 3.8 using authpf is control individual user access. Users authenticate by logging in with ssh and obtain access to praticular IP addresses.
Problem: If we change the users rulesets while they're logged in, these changes won't be reflected until they log back in. Is there a way to update the rules without killing the users authpf instance and having them log back in? Example: # cat /etc/authpf/users/cyoub/authpf.rules external_if = "bge0" internal_if = "bge1" pass in quick on $external_if from $user_ip to 172.16.0.0/22 pass in quick on $external_if from $user_ip to 172.16.4.0/22 pass in quick on $external_if from $user_ip to 172.16.8.0/22 <-- I add this after I authenticate. cyoub 18023 0.0 0.1 488 800 p2 Ss+ 3:53PM 0:00.04 -authpf: [EMAIL PROTECTED] (authpf) 1) I authenticate via ssh 2) I access my now available IP resources 3) My authpf.rules file gets newly updated while I'm logged in 4) I cannot access my newly updated IP resources 5) I "kill -TERM 18023", or if I "kill -HUP 18023" and kill my session 6) I re-authenticate via ssh 7) I access my now available IP resources AND my newly updated IP resources How can I skip #4-6? -- View this message in context: http://www.nabble.com/authpf---update-user-rules-without-kicking-them-out-tf3370107.html#a9377193 Sent from the openbsd user - misc mailing list archive at Nabble.com.
