From owner-freebsd-pf@FreeBSD.ORG Sun May 8 21:53:04 2011 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 562AB106566C for ; Sun, 8 May 2011 21:53:04 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) by mx1.freebsd.org (Postfix) with ESMTP id F32358FC08 for ; Sun, 8 May 2011 21:53:03 +0000 (UTC) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id DBA9D25D388B; Sun, 8 May 2011 21:53:02 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 8F6D1159F14C; Sun, 8 May 2011 21:53:01 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id 899+1ZUNjk+y; Sun, 8 May 2011 21:53:00 +0000 (UTC) Received: from orange-en1.sbone.de (orange-en1.sbone.de [IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id 23A9A159EF99; Sun, 8 May 2011 21:52:59 +0000 (UTC) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: "Bjoern A. Zeeb" In-Reply-To: <20110508194527.GD3527@DataIX.net> Date: Sun, 8 May 2011 21:52:58 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20110508194527.GD3527@DataIX.net> To: Jason Hellenthal X-Mailer: Apple Mail (2.1084) Cc: freebsd-pf@freebsd.org Subject: Re: using ?include? like statement in pf.conf to include some parts from other files X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 May 2011 21:53:04 -0000 On May 8, 2011, at 7:45 PM, Jason Hellenthal wrote: >=20 > Oguz, >=20 > On Sun, May 08, 2011 at 08:39:05PM +0300, Oguz Yilmaz wrote: >> Hi, >>=20 >> I want to be able to include some parts of my pf.conf from other set = of files. >>=20 >> For example I will include "set timeout" vs like statements in = another file. >>=20 >> Using anchors and "load anchor from file" statements will not help >> because anchor can not hold such GLOBAL OPTIONS. In case I set those >> macros and set statement in a anchor it will be valid for the anchor >> or not valid at all (set statemenets). >>=20 >=20 > At this time as I know, this functionality is not available in pf41 = that=20 > is and has been a part of FreeBSD for quite some time and believe it = still=20 > is a part of -CURRENT. >=20 > There has been some work on getting pf up-to-date as of pf45 where = there=20 > is a patch that is available for -CURRENT only but I am not aware as = if it=20 > supports the functionality you desire. >=20 > If that is something you are interested in and know is a part of pf45,=20= > then you are welcome to upgrade to -CURRENT and apply that patchset if=20= > needs be to help test while achieving your objectives. >=20 > Some of the work has been done here: > http://svn.freebsd.org/base/user/eri/pf45/head/ http://svnweb.freebsd.org/base/projects/pf/pf45/ I hope Ermal will post the final patch RSN and put it into HEAD = afterwards. >=20 > And there are various other messages on the lists that you are welcome = to=20 > search for if interested. >=20 >=20 > Good Luck. >=20 > --=20 >=20 > Regards, (jhell) > Jason Hellenthal >=20 --=20 Bjoern A. Zeeb You have to have visions! Stop bit received. Insert coin for new address family.