Date: Wed, 23 Dec 2009 01:40:40 +0100
From: Max Laier <max@love2party.net>
To: freebsd-pf@freebsd.org
Subject: Re: How to export / save and compare PF rule sets
Message-ID: <200912230140.40776.max@love2party.net>
In-Reply-To: <4B315B31.7050902@quip.cz>
References: <4B315B31.7050902@quip.cz>

On Wednesday 23 December 2009 00:50:09 Miroslav Lachman wrote:
> scrub is before nat/rdr rules in case of "pfctl -s a" and after nat/rdr
> in case of "pfctl -nvf /etc/pf.conf"

The order should always be options, scrub, queues, nat, filters. pfctl -nvf
only works with a different order if you have "set require-order no" in your
ruleset. You should be able to fix this at your end.

> Is there any other way how can I export live and saved rules in the same
> format and the same order, ready to comparison by diff?

You can always extract the parts individually and cat them together if you
insist on keeping the ruleset unordered.

Regards,
-- 
  Max
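
Added example, not part of the message above and not pfctl's own code: one way to get two rule dumps into the same order before diffing is to bucket the lines by leading keyword into options, scrub, queues, nat, filters, keeping the original order inside each bucket. The function names, the keyword-to-bucket mapping and the sample rules are assumptions made for this sketch; the inputs would be saved output of the two commands quoted in the thread.

```shell
#!/bin/sh
# Added example: reorder pf rule text as options, scrub, queues, nat, filters.
# The keyword-to-bucket mapping below is an assumption of this sketch.

# normalize_pf: rule text on stdin, reordered text on stdout.
# Order inside a bucket is preserved, since filter rule order is significant.
normalize_pf() {
    awk '
    function bucket(first, second) {
        if (first == "no") first = second        # "no nat", "no rdr", ...
        if (first == "set") return 1
        if (first == "scrub") return 2
        if (first == "altq" || first == "queue") return 3
        if (first ~ /^(nat|rdr|binat)(-anchor)?$/) return 4
        if (first ~ /^(pass|block|antispoof|anchor)$/) return 5
        return 0                                 # tables, macros, unknown
    }
    NF == 0 { next }                             # drop blank lines
    { b = bucket($1, $2); n[b]++; line[b, n[b]] = $0 }
    END {
        # Bucket 0 is printed first so unrecognised lines are never lost.
        for (b = 0; b <= 5; b++)
            for (i = 1; i <= n[b]; i++) print line[b, i]
    }'
}

# pf_diff LIVE SAVED: diff two captured dumps after normalizing both.
# Exit status is that of diff: 0 when the rule sets match.
pf_diff() {
    a=$(mktemp) b=$(mktemp)
    normalize_pf < "$1" > "$a"
    normalize_pf < "$2" > "$b"
    diff -u "$a" "$b"; rc=$?
    rm -f "$a" "$b"
    return "$rc"
}

# Constructed sample: a dump with nat listed ahead of scrub.
normalize_pf <<'EOF'
nat on em0 inet from 10.0.0.0/24 to any -> (em0) round-robin
scrub in all fragment reassemble
pass in all flags S/SA keep state
block drop in quick on em0 inet from 192.0.2.0/24 to any
EOF
```

Lines that fall into bucket 0 (tables, macros echoed by the parser) show up at the top of the diff, which makes it easy to see what one dump contains that the other does not.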