On 2011-11-30 20:20, Adriaan wrote:
>
> You could use a Makefile to concatenate a pf.conf from separate files.
> This can give more flexibility than provided by "include" :
Thank you very much for your elaborate solution.
To keep things a little less complex, I will probably go with includes
and
On 2011-11-30 16:14, Guido Tschakert wrote:
>
> How about a definition.conf with all your (Name,IP-Adress)-Pairs which
> is included first in your pf.conf, so your vlan.confs only include
> the rules but no definitions.
>
> guido
>
Thanks, this is probably the way to do it. Sometimes we mov
On Wed, Nov 30, 2011 at 9:22 AM, Peter Hallin wrote:
> Hello,
>
> I have some issues with pf.conf and includes that perhaps someone could
> shed some light on.
>
> Where I work, we use bridging firewalls with multiple tagged vlans
> passing the bridges, and filtering is done on the vlan interfaces
Am 30.11.2011 09:22, schrieb Peter Hallin:
> Hello,
>
> I have some issues with pf.conf and includes that perhaps someone could
> shed some light on.
>
> Where I work, we use bridging firewalls with multiple tagged vlans
> passing the bridges, and filtering is done on the vlan interfaces.
> Nor
> One way to solve it would be to put all the macros in, say,
> /etc/vlan500-macros.conf and /etc/vlan1000-macros.conf and make sure
> they are included before the rules in pf.conf, but that seems
> inconvenient to me.
that might be your best option. you can use something like pfctl to parse
rules
Hello,
I have some issues with pf.conf and includes that perhaps someone could
shed some light on.
Where I work, we use bridging firewalls with multiple tagged vlans
passing the bridges, and filtering is done on the vlan interfaces.
Normally we have around 10-20 vlans on each machine, and we ha
6 matches
Mail list logo
