From owner-freebsd-pf@FreeBSD.ORG Sun May 8 19:45:33 2011 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 94747106564A for ; Sun, 8 May 2011 19:45:33 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 4AEC38FC13 for ; Sun, 8 May 2011 19:45:33 +0000 (UTC) Received: by iwn33 with SMTP id 33so5448597iwn.13 for ; Sun, 08 May 2011 12:45:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:date:from:to:cc:subject:message-id :references:mime-version:content-type:content-disposition :in-reply-to:x-openpgp-key-id:x-openpgp-key-fingerprint :x-openpgp-key-url; bh=n8ygdZWcHUOmPSTJBvQXj9C1XQKNVnQP8OuHG1ZmBU0=; b=Atcpp4fCRSpaq3KhSiuRzzyVA274jxbcHbRZHvzwRSBSrQyI0qRR0s8QNrTGI1WveO FpmupTUrwkA0y9CHEzjgGYra8wBYuK2lXnyY6KLyyV5EQt/rtNf39wkkI1bali9h0xGv 17dgLjUl9tbuoupTj6EOAsE5yJNP498F1u7rU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:x-openpgp-key-id :x-openpgp-key-fingerprint:x-openpgp-key-url; b=sBO8wD7GCzPO3u4nI1L6i8CF/YRPCmblwfnt+2Dtbbc84RjmM509pruAangdtwh5ds vlF9awpRt3YYhwRNjD57LiPjwprfHULNDcYU+6VAM/U0f2edmI8uPPIp8dJywnzv6s7Y S+sxKrL+rCh9NzqGJHILPjnBnMFuac0GkXw/U= Received: by 10.42.164.65 with SMTP id f1mr5144198icy.499.1304883932709; Sun, 08 May 2011 12:45:32 -0700 (PDT) Received: from DataIX.net (adsl-99-190-84-116.dsl.klmzmi.sbcglobal.net [99.190.84.116]) by mx.google.com with ESMTPS id hc41sm2305410ibb.30.2011.05.08.12.45.31 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 08 May 2011 12:45:31 -0700 (PDT) Sender: "J. Hellenthal" Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.4/8.14.4) with ESMTP id p48JjSpu008158 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 8 May 2011 15:45:29 -0400 (EDT) (envelope-from jhell@DataIX.net) Received: (from jhell@localhost) by DataIX.net (8.14.4/8.14.4/Submit) id p48JjSIJ008157; Sun, 8 May 2011 15:45:28 -0400 (EDT) (envelope-from jhell@DataIX.net) Date: Sun, 8 May 2011 15:45:28 -0400 From: Jason Hellenthal To: Oguz Yilmaz Message-ID: <20110508194527.GD3527@DataIX.net> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="FkmkrVfFsRoUs1wW" Content-Disposition: inline In-Reply-To: X-OpenPGP-Key-Id: 0x89D8547E X-OpenPGP-Key-Fingerprint: 85EF E26B 07BB 3777 76BE B12A 9057 8789 89D8 547E X-OpenPGP-Key-URL: http://bit.ly/0x89D8547E Cc: freebsd-pf@freebsd.org Subject: Re: using ?include? like statement in pf.conf to include some parts from other files X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 May 2011 19:45:33 -0000 --FkmkrVfFsRoUs1wW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Oguz, On Sun, May 08, 2011 at 08:39:05PM +0300, Oguz Yilmaz wrote: > Hi, >=20 > I want to be able to include some parts of my pf.conf from other set of f= iles. >=20 > For example I will include "set timeout" vs like statements in another fi= le. >=20 > Using anchors and "load anchor from file" statements will not help > because anchor can not hold such GLOBAL OPTIONS. In case I set those > macros and set statement in a anchor it will be valid for the anchor > or not valid at all (set statemenets). >=20 At this time as I know, this functionality is not available in pf41 that=20 is and has been a part of FreeBSD for quite some time and believe it still= =20 is a part of -CURRENT. There has been some work on getting pf up-to-date as of pf45 where there=20 is a patch that is available for -CURRENT only but I am not aware as if it= =20 supports the functionality you desire. If that is something you are interested in and know is a part of pf45,=20 then you are welcome to upgrade to -CURRENT and apply that patchset if=20 needs be to help test while achieving your objectives. Some of the work has been done here: http://svn.freebsd.org/base/user/eri/pf45/head/ And there are various other messages on the lists that you are welcome to= =20 search for if interested. Good Luck. --=20 Regards, (jhell) Jason Hellenthal --FkmkrVfFsRoUs1wW Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) Comment: http://bit.ly/0x89D8547E iQEcBAEBAgAGBQJNxvLXAAoJEJBXh4mJ2FR+hD0H/2UbzBPgUQ0GwaGsiC/zhucw P1howiO9v0hhskftbNHnggsuchP0FyW6zpjpm8Ku/krZkcohD2sBRXySn6YYpJcr QHBMlN+CsUKVYfxfD2JBOs3sJEaaozgzAsFZrLnZJ90w004Dtx5kOkznLlMrAo7j 2qd2ph4HQFaL1SRslBUrxvrzcPwVISDLcu1gw9Lz8uTedsb2+RweXnLRYTkKyTsD jsQW8vvrnmnfmhd73aAc2kiHL4359DGdSu2oRwzXEoY6+SgoVATJIlDra1jdumym Lg0Yo+KNNwOda+FQbNLqCosaIivYf+IZx4A0+SF6Vi+NBY2E/pfOv0drWusr73Q= =1rdv -----END PGP SIGNATURE----- --FkmkrVfFsRoUs1wW--