Re: Removing PF

["John D. Baker" <jdbaker%consolidated.net@localhost>]

On Sun, 14 Apr 2019, Mindaugas Rasiukevicius wrote:

> "John D. Baker" <jdbaker%consolidated.net@localhost> wrote:
> 
> > So, I suppose the issue is that although the interface will have
> > multiple addresses, I wish to treat each address independenly, but
> > need to do so symbolically as (at least one of) the exact addresses
> > cannot be known ahead of time or guaranteed to be current.
> 
> Would it help if you could apply a filter to the dynamic address list,
> e.g. ifaddrs(netif0, 10.0.0.0/8) or ifaddrs(netif0, ! 10.0.0.0/8)?  The
> latter would include all addresses which are not in the 10/8 network.

That might work.  There are at least 2 disparate subnets from which my
ISP may assign addresses, so I'd either need multiple filters (or filter
specification that is a list), or a filter address/mask that would cover
all of them.  That data is not available to subscribers.  I'm aware of
it only by inspection of my router during connectivity anomalies.

If the list returned by ifaddrs(netifN) can be guaranteed to be in the
same order every time, a filter by position (offset) in the list would
be much simpler for the user, say "ifaddrs(netif0, 0)".  If the filter
specification looks like an address/netmask, filter that way, otherwise
assume it's a position reference and return the Nth address in the list.


-- 
|/"\ John D. Baker, KN5UKS               NetBSD     Darwin/MacOS X
|\ / jdbaker[snail]consolidated[flyspeck]net  OpenBSD            FreeBSD
| X  No HTML/proprietary data in email.   BSD just sits there and works!
|/ \ GPGkeyID:  D703 4A7E 479F 63F8 D3F4  BD99 9572 8F23 E4AD 1645