Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 17 Aug 2006 03:16:39 -0500
From:      "Travis H." <>
To:        Volker <>
Cc:        Greg Hennessy <>,
Subject:   Re: "Reset" Script, Anyone?
Message-ID:  <>
In-Reply-To: <>
References:  <000001c6bed4$680fd4d0$0a00a8c0@thebeast> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Back when NetBSD was using ipfilter, there was a way to simulate
throwing packets at a packet filter.  I wrote a regression test
harness around it, to make sure that a new config file would allow
certain basic operations and prevent a few basic operations, as a kind
of sanity check, before even loading it.

It sure would be nice if pf had something like it.  I suppose with
some preprocessing judo, you could remap the interfaces to some
temporary interface aliases you set up, but that's not a particularly
easy or comprehensive way of testing your rules.  Although I seem to
recall someone suggesting a way to do something similar... anyone have
any suggestions?
"If you're not part of the solution, you're part of the precipitate."
Unix "guru" for rent or hire -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484

Want to link to this message? Use this URL: <>