Subject: Re: Building IP-login (ipfw or what)
To: None <tech-net@netbsd.org>
From: Alan Barrett <apb@cequrux.com>
List: tech-net
Date: 04/04/2003 15:13:02
On Fri, 04 Apr 2003, Petter Lindquist wrote:
> > What do you mean when you say "good iplogin solution"?
> A solution that works?

Huh?  You haven't even described what the problem is, much less the
criteria for evaluating whether a proposed solution works or not.

Perhaps you are under the mistaken impression that "iplogin" is a
well-defined term that you don't have to explain?

> > > If not, is there any possibility to dynamically add and remove ipf rules
> > > in the middle of a ruleset?
> > Yes.  See the ipfw.conf(5) man page, and search for the word 'insert'.
> ipfw is not ipf.

Sorry, there was a typo in my message, but if you make the obvious
correction and search for the word 'insert' in the ipf.conf(5) man page,
you will find how to specify locations in the middle of a ruleset.
That, in conjunction with the "-r" flag described in the ipf(8) man
page, should be enough.

Here's an example.  Suppose that the following four rules are installed
in ipf's input filter:

    root# ipfstat -ln -i
    @1 pass in from 1.0.0.0/8 to any
    @2 pass in from 2.0.0.0/8 to any
    @3 pass in from 3.0.0.0/8 to any
    @4 pass in from 4.0.0.0/8 to any

Insert a new rule 3, just after the existing rule 2:

    root# echo '@3 block in from 2.50.0.0/16 to any' | ipf -f -

Notice that all the rules have been renumbered, so the old rules 3 and 4
are now numbered 4 and 5:

    root# ipfstat -ln -i
    @1 pass in from 1.0.0.0/8 to any
    @2 pass in from 2.0.0.0/8 to any
    @3 block in from 2.50.0.0/16 to any
    @4 pass in from 3.0.0.0/8 to any
    @5 pass in from 4.0.0.0/8 to any

Delete rule number 3:

    root# ipfstat -ln -i | grep '^@3 ' | ipf -r -f -

Check that it worked (and note that everything has been renumbered again):

    root# ipfstat -ln -i
    @1 pass in from 1.0.0.0/8 to any
    @2 pass in from 2.0.0.0/8 to any
    @3 block in from 2.50.0.0/16 to any
    @4 pass in from 4.0.0.0/8 to any

Similar stuff works for modifying the output filter, with "-o" instead of
"-i" in the appropriate places.

--apb (Alan Barrett)
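The point of the example above is that ipf rule numbers are positions, not identifiers: every insert or delete renumbers everything after it, so a script that deletes "rule 3" by a number it computed earlier will hit the wrong rule. The helper below is an added example for this thread, not code from the original post or from NetBSD/IPFilter. It parses the `ipfstat -ln -i` listing format shown above (`@N <rule text>`), assumes that a line `@N <rule>` fed to `ipf -f -` becomes rule N and shifts the old rule N and everything after it up by one, and that `ipf -r -f -` removes the rule whose text matches its input. The function names (`parse_listing`, `plan_insert`, `plan_delete`, `apply_live`) and the sample listing are this example's own constructions.

```python
"""Plan position-based edits to a live IPFilter (ipf) ruleset.

Added example for the tech-net thread; not code from the original post or
from NetBSD/IPFilter.  Assumptions (documented in the lead-in): listing
lines look like `@N <rule>`, `@N <rule>` piped to `ipf -f -` becomes rule N,
and `ipf -r -f -` removes the rule whose text matches.
"""
import re
import subprocess

# Constructed sample listing, shaped like the post's `ipfstat -ln -i` output.
LISTING = """\
@1 pass in from 1.0.0.0/8 to any
@2 pass in from 2.0.0.0/8 to any
@3 pass in from 3.0.0.0/8 to any
@4 pass in from 4.0.0.0/8 to any
"""

# `@3 block in from 2.50.0.0/16 to any` -> number 3, text "block in from ..."
_RULE_LINE = re.compile(r"^@(\d+)\s+(.+?)\s*$")


def parse_listing(listing):
    """Turn `ipfstat -ln -i` output into an ordered list of rule texts.

    rules[i] is rule @(i+1).  Lines that do not start with `@N ` (headers,
    blank lines) are ignored.
    """
    rules = []
    for line in listing.splitlines():
        m = _RULE_LINE.match(line.strip())
        if m:
            rules.append(m.group(2))
    return rules


def plan_insert(rules, position, rule_text):
    """Return (ipf_input, new_rules).

    ipf_input is the line to pipe into `ipf -f -`; new_rules is the ruleset
    as ipf will renumber it: the new rule takes `position`, and the old
    rule at that position and everything after it move up by one.
    """
    if not 1 <= position <= len(rules) + 1:
        raise ValueError(f"@{position} is outside 1..{len(rules) + 1}")
    new_rules = rules[:position - 1] + [rule_text] + rules[position - 1:]
    return f"@{position} {rule_text}", new_rules


def plan_delete(rules, number):
    """Return (ipf_input, new_rules) for `ipf -r -f -`.

    The rule is looked up by number in the *current* ruleset and handed to
    ipf by its text, because `ipf -r` matches the rule, not the number, and
    the numbers shift after every insert or delete.  Always re-read the
    listing (parse_listing) before computing a number.
    """
    if not 1 <= number <= len(rules):
        raise LookupError(f"no rule @{number} in a {len(rules)}-rule set")
    rule_text = rules[number - 1]
    new_rules = rules[:number - 1] + rules[number:]
    return f"@{number} {rule_text}", new_rules


def render(rules):
    """Format a ruleset the way `ipfstat -ln` prints it."""
    return "\n".join(f"@{i} {r}" for i, r in enumerate(rules, 1))


def apply_live(ipf_input, remove=False, direction="-i"):
    """Push one planned line into the kernel ruleset and return the fresh
    listing.  Needs root on an ipf host; the offline demo never calls it.
    direction is "-i" or "-o" for ipfstat, matching the post."""
    argv = ["ipf"] + (["-r"] if remove else []) + ["-f", "-"]
    subprocess.run(argv, input=ipf_input + "\n", text=True, check=True)
    return subprocess.run(["ipfstat", "-ln", direction],
                          capture_output=True, text=True, check=True).stdout


def demo():
    """Replay the post's sequence offline and show the stale-number trap."""
    rules = parse_listing(LISTING)
    cmd, rules = plan_insert(rules, 3, "block in from 2.50.0.0/16 to any")
    print(cmd)            # what goes into `ipf -f -`
    print(render(rules))  # old @3 and @4 are now @4 and @5
    # "Delete rule 3" now means the block rule just inserted; the rule that
    # *was* @3 (3.0.0.0/8) is @4, so a number cached before the insert would
    # remove the wrong rule.
    cmd, rules = plan_delete(rules, 3)
    print(cmd)            # what goes into `ipf -r -f -`
    print(render(rules))
    return rules


if __name__ == "__main__":
    demo()
```

Run `demo()` to see the two ipf input lines and the renumbered listings; on a real NetBSD host, pass each planned line to `apply_live(...)` (as root) and feed the listing it returns back into `parse_listing` before planning the next change, so every number is computed against the ruleset as it is at that moment.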