* Matthias Bertschy <[EMAIL PROTECTED]> [2007-05-02 11:26]:
> I think this would only make sense if authpf could stand multiple
> connections from same host...
> Unfortunately, it is not possible:
> http://www.mail-archive.com/[EMAIL PROTECTED]/msg08318.html
>
> So, I still wonder why such a feature exists...
Oh for god's sake.
It matters when you play with tagging. You can tag
in the authpf rule based on $user_id and then have rules
which reference the tagged packet.
I.e. packets tagged with "beck" get different treatment
from everyone else.
...
block out on $ext_if
pass out quick on $ext_if tagged beck
pass out quick on $ext_if tagged ckuethe
pass out on $ext_if proto tcp port = {80,443,22}
...
And yes it's useful, in some situations. if you can't think
of it, probably not yours.
-Bob
