Re: pf.conf propagation

Previous thread: Cardbus EHCI issues on Tecra 520CDT by David Given on Tuesday, March 20, 2007 - 3:24 pm. (2 messages)

Next thread: Meeting request by El Cid on Tuesday, March 20, 2007 - 4:43 pm. (1 message)

[view original message]

From: Alexander Lind

Subject: pf.conf propagation

Date: Tuesday, March 20, 2007 - 3:29 pm

Hello misc.

Can anyone recommend a pf propagation script, intended to be used to 
spread changes from one carp:ed openbsd firewall to another?

I found one bash script which seems to do a decent job here:
http://archives.neohapsis.com/archives/openbsd/2006-11/1134.html

But it requires bash and supports only two firewalls.

Also does anyone know if there are any plans to make this pf.conf 
propagation a feature in openbsd itself?

Alec

[ message continues ]

[view original message]

From: Kian Mohageri

Subject: Re: pf.conf propagation

Date: Tuesday, March 20, 2007 - 3:44 pm

for host in fw1 fw2 fw3 fw4 fw5; do scp ~/master.pf.conf
${host}:/etc/pf.conf; done

-- 
Kian Mohageri

[ message continues ]

[view original message]

From: Joachim Schipper

Subject: Re: pf.conf propagation

Date: Tuesday, March 20, 2007 - 4:38 pm

This is trivially scripted (the posted scp solution is perfectly
sensible). But do take a look at carp(4), pfsync(4), and so on.

		joachim

[ message continues ]

[view original message]

From: Didier Wiroth

Subject: Re: pf.conf propagation

Date: Wednesday, March 21, 2007 - 1:18 am

Hello,
You may want to have a look at
/usr/ports/sysutils/tentakel


--

[ message continues ]


linux-kernel:
Michael Trimarchi	Re: [PATCH] VFS: make file->f_pos access atomic on 32bit arch
Miklos Szeredi	[patch 14/15] vfs: more path_permission() conversions
Serge E. Hallyn	Re: [RFC v5][PATCH 7/8] Infrastructure for shared objects
Bernd Schmidt	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Takashi Iwai	[PATCH 2/2] input: Add LED support to Synaptics device
git:
Junio C Hamano	Re: mingw, windows, crlf/lf, and git
Eyvind Bernhardsen	Re: Where has "git ls-remote" reference pattern matching gone?
Shawn O. Pearce	Re: Switching from CVS to GIT
Todd Zullinger	Re: [PATCH 2/2] send-email: rfc2047-quote subject lines with non-ascii characters
Santi Béjar	Re: How to use git-fmt-merge-msg?
linux-netdev:
Ramkrishna Vepa	[net-2.6 PATCH 1/10] Neterion: New driver: Driver help file
Mark Anthony	invitation / inquiry
Ingo Molnar	Re: [PATCH 08/16] dma-debug: add core checking functions
David Miller	Re: [PATCH 1/3] f_phonet: dev_kfree_skb instead of dev_kfree_skb_any in TX callback
Sascha Hauer	[PATCH 03/12] fec: do not typedef struct types
git-commits-head:
Linux Kernel Mailing List	amba: struct device - replace bus_id with dev_name(), dev_set_name()
Linux Kernel Mailing List	MIPS: Yosemite: Convert SMP startup lock to arch spinlock.
Linux Kernel Mailing List	ARM: S5PC100: IRQ and timer
Linux Kernel Mailing List	davinci: edma: clear interrupt status for interrupt enabled channels only
Linux Kernel Mailing List	x86, mm, kprobes: fault.c, simplify notify_page_fault()
openbsd-misc:
Daniel A. Ramaley	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?
Matthias Kilian	Re: can't get vesa @ 1280x800 or nv
Tobias Ulmer	Re: Problem after upgrade 4.5 to 4.6: ERR M
Philip Guenther	Re: SIGCHLD and libpthread.so
J.C. Roberts	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?