[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PF and time-based filters
On Fri, Jun 06, 2003 at 04:43:58PM -0700, Rob Connon wrote:
> I am curious to whether PF will include support in the future for
> time-based filter rules ?
Besides the main ruleset, pfctl(8) can load named rulesets into
anchor attachment points. An anchor contains a list of named rulesets.
An anchor has a name which specifies where pfctl(8) can be used to
attach sub-rulesets. A named ruleset contains filter and translation
rules, like the main ruleset.
Apply flags -f, -F and -s only to the rules in the
specified anchor and optional named ruleset ruleset. In
addition to the main ruleset, pfctl can load and manipulate
additional rulesets by name. Named rulesets are attached
at anchor points, which are also referenced by name.
Evaluation of anchor rules from the main ruleset is
described in pf.conf(5).
cron(8) and at(1) can be used to run commands at a particular time(s).