
Re: Question about tables



Jonathan Weiss wrote:

Hi folks,



I have a question regarding tables that are defined in a text file, e.g.:

table <spam> persist file "/etc/spammers"

When is the lookup done? Every time the rule is evaluated or every time the
content of the file is changing?

Only when you load the ruleset with "pfctl -f" manually or during boot.


If I add an entry to this table like this:


echo "xxx.xxx.xxx.xxx" >> /etc/spammers

Will the new IP be included or do I have to "notify" PF that I changed
something?

You have to notify PF, by reloading the ruleset or, better, just reloading
the table with something like "pfctl -t spam -Tr -f /etc/spammers"

I guess the other option is that PF is reading this file
every time the rule is evaluated and this does not seem like a good idea if
you think about performance.

Yep.

P.S.: I want to build a WLAN-AC that is configured by a web interface. I
want to include the IP of an authenticated user into a table and only IPs
from the table are allowed to make connections to the internet.

You have all sorts of easy ways to manipulate a table using the "pfctl -t <foo> -T" commands.
Cedric
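
The table handling discussed in this thread, as an added example that is not part of the original messages: shell helpers a web front end could call to admit or revoke a client, checking the address strictly before it reaches pfctl. The table name `authed`, the file `/etc/authed_users` and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: table "authed" and
# persist file /etc/authed_users; PFCTL may be overridden for a dry run.
PFCTL=${PFCTL:-pfctl}
TABLE=${TABLE:-authed}
TABLE_FILE=${TABLE_FILE:-/etc/authed_users}

# Succeed only for a strict dotted-quad IPv4 address. Anything else coming
# from the web interface (options, hostnames, CIDR, shell syntax) is refused.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Admit a client: update the live table (takes effect at once), then record
# the address in the file so a later "pfctl -f" load still includes it.
table_add() {
    valid_ipv4 "$1" || { echo "rejected address: $1" >&2; return 2; }
    "$PFCTL" -t "$TABLE" -T add "$1" || return 1
    grep -qxF -- "$1" "$TABLE_FILE" 2>/dev/null || echo "$1" >> "$TABLE_FILE"
}

# Revoke a client from the live table and from the file.
table_del() {
    valid_ipv4 "$1" || { echo "rejected address: $1" >&2; return 2; }
    "$PFCTL" -t "$TABLE" -T delete "$1" || return 1
    tmp=$(mktemp) || return 1
    # grep exits 1 when nothing is left to print; only a real error aborts.
    grep -vxF -- "$1" "$TABLE_FILE" > "$tmp" || [ $? -eq 1 ] || return 1
    cat "$tmp" > "$TABLE_FILE" && rm -f "$tmp"
}

# After editing the file by hand, sync the live table to it ("-Tr" above).
table_reload() {
    "$PFCTL" -t "$TABLE" -T replace -f "$TABLE_FILE"
}
```
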