[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC: dynamic rules



On Mon, Oct 14, 2002 at 04:46:33PM -0400, Mike Frantzen wrote:
> Aha!  That is a real issue.  The way we had talked about solving that up
> in Calgary was to extend proc so rules could be tied to a process.  When
> the process goes away, it calls back into PF which removes the rules.
> Were we talking about that in Calgary or in DC a year ago??
That was Calgary, on the couches in front of the conference rooms, where
other hotel guests looked a bit scared at this crows af crazy guys ;-)
> Hell, I
> can't remember.  Bob was running around in a tizzy with excitement
> though (now that was a sight!)
oh yeah...
> > Now, after all that talk, I should note that, with proper usage of
> > static rules (especially the user keyword) most proxy servers would
> > never need to insert rules (or can be designed to remove that requirement)
> > However there are isolated cases where it would be useful see
> > the recent post by Matthew Sweet for instance. That is why I could not
> > easily come up with a real world example.
> It is a cool concept, I'll give you that.  But I still don't see the
> problem you're trying to solve.
yeah, I see a lot of complexity, and I'm not sure for what. I don't see the
benefit right now.