Re: NPF and multiple group entrance

To: netbsd-users%netbsd.org@localhost
Subject: Re: NPF and multiple group entrance
From: christos%astron.com@localhost (Christos Zoulas)
Date: Sun, 21 Feb 2016 23:42:32 +0000 (UTC)

In article <20160221221105.GA8057%laura.ws.pu.ru@localhost>,
Dima Veselov  <kab00m%lich.phys.spbu.ru@localhost> wrote:
>Hello!
>
>I migrate from ipfilter to npf due to ipf issues in 7.0, but have
>a question:
>
>Is there a possibility to make two entrance for one group?
>
>for example if I have:
>
>$ext_if = {inet4(vlan112), inet4(vlan113)};
>group "external" on $ext_if {
>	<rules here>
>}
>
>the result will be:
>
># npfctl show
>group "external" on vlan112 
>	pass stateful out final all 
>	...
>
>As you can see - I can't find a way to make a group working for few interfaces
>at once, but I don't want to repeat group every time, having two
>external interfaces and several internal.
>
>Thanks in advance!

Sure we can add some syntax to help with this... Any ideas?

	use group "name"

christos

Follow-Ups:
- Re: NPF and multiple group entrance
  - From: Dima Veselov

References:
- NPF and multiple group entrance
  - From: Dima Veselov

Prev by Date: NPF and multiple group entrance
Next by Date: Re: Exist operating systems that ship without blobs?
Previous by Thread: NPF and multiple group entrance
Next by Thread: Re: NPF and multiple group entrance
Indexes:

Home | Main Index | Thread Index | Old Index