Re: Question about tables

Jonathan Weiss wrote:

Hi folks,

I have a question regarding tables that are defined in a text file, e.g.:

table <spam> persist file "/etc/spammers"

When is the lookup done? Every time the rule is evaluated or every time the
content of the file changes?

Only when you load the ruleset with "pfctl -f" manually or during boot.

If I add an entry to this table like this:

echo "xxx.xxx.xxx.xxx" >> /etc/spammers

Will the new IP be included or do I have to "notify" PF that I changed

You have to notify PF, by reloading the ruleset or, better, just reloading
the table with something like "pfctl -t spam -Tr -f /etc/spammers"

I guess the other option is that PF is reading this file
every time the rule is evaluated and this does not seem like a good idea if
you think about performance.


P.S.: I want to build a WLAN-AC that is configured by a web interface. I
want to include the IP of an authenticated user in a table, and only IPs
from the table are allowed to make connections to the internet.

You have all sorts of easy ways to manipulate a table using the "pfctl -t <foo> -T" commands.
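
The workflow from the P.S. and the replies, as an added example that is not part of the original thread: validate an address handed over by the web interface, then update both the live table and its file so a later reload keeps it. The table name `authed`, the file `/etc/authed_hosts` and the `PFCTL` override are assumptions.

```shell
#!/bin/sh
# Added example. TABLE, TABLE_FILE and the PFCTL override are assumptions.
PFCTL="${PFCTL:-pfctl}"                        # overridable for dry runs
TABLE="${TABLE:-authed}"                       # hypothetical table name
TABLE_FILE="${TABLE_FILE:-/etc/authed_hosts}"  # hypothetical table file

# Succeed only for a dotted-quad IPv4 address with octets 0..255 and no
# leading zeros, so web-supplied input can never reach pfctl as an option,
# a hostname or a CIDR range.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Add to the live table and to the file, so a later "pfctl -f" or table
# reload does not silently drop the address.
allow_ip() {
    valid_ipv4 "$1" || { echo "rejected: invalid address" >&2; return 1; }
    "$PFCTL" -t "$TABLE" -T add "$1" || return 1
    grep -qxF -- "$1" "$TABLE_FILE" 2>/dev/null || echo "$1" >> "$TABLE_FILE"
}

# Remove from the live table and from the file.
revoke_ip() {
    valid_ipv4 "$1" || { echo "rejected: invalid address" >&2; return 1; }
    "$PFCTL" -t "$TABLE" -T delete "$1" || return 1
    tmp=$(mktemp "${TABLE_FILE}.XXXXXX") || return 1
    grep -vxF -- "$1" "$TABLE_FILE" > "$tmp" || true  # exit 1 = no lines left
    mv "$tmp" "$TABLE_FILE"
}

# Make the live table match the file exactly (the reload from the reply).
sync_table() {
    "$PFCTL" -t "$TABLE" -T replace -f "$TABLE_FILE"
}
```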