[146346] in North American Network Operators' Group
Re: Firewalls - Ease of Use and Maintenance?
daemon@ATHENA.MIT.EDU (C. Jon Larsen)
Wed Nov 9 14:07:20 2011
Date: Wed, 9 Nov 2011 14:07:10 -0500 (EST)
From: "C. Jon Larsen" <jlarsen@richweb.com>
To: Nick Hilliard <nick@foobar.org>
In-Reply-To: <4EBACD73.60609@foobar.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, 9 Nov 2011, Nick Hilliard wrote:
> On 09/11/2011 15:18, Jonathan Lassoff wrote:
>> I've found that this works decently well, via pfsync.
>
> I meant config sync, not state sync.
put the main portion of the conf in subversion as an include file and
factor out local differences in the configs with macros that are defined
in pf.conf
Easy.
