[146354] in North American Network Operators' Group
Re: Firewalls - Ease of Use and Maintenance?
daemon@ATHENA.MIT.EDU (Nick Hilliard)
Wed Nov 9 15:44:55 2011
X-Envelope-To: nanog@nanog.org
Date: Wed, 09 Nov 2011 20:44:30 +0000
From: Nick Hilliard <nick@foobar.org>
To: "C. Jon Larsen" <jlarsen@richweb.com>
In-Reply-To: <alpine.DEB.2.02.1111091405410.4911@sisler>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 09/11/2011 19:07, C. Jon Larsen wrote:
> put the main portion of the conf in subversion as an include file and
> factor out local differences in the configs with macros that are defined in
> pf.conf
>
> Easy.
As I said, it's not a pf problem. Commercial firewalls will do all this
sort of thing off the shelf. It's a pain to have to write scripts to do
this manually.
Nick
