Quote:
Originally Posted by unixjingleman
...dynamically add rules to your firewall ruleset...
|
Per the
PF User's Guide's section on
anchors (link & highlight are mine...):
Quote:
|
In addition to the main ruleset, PF can also evaluate sub rulesets. Since sub rulesets can be manipulated on the fly by using pfctl(8), they provide a convenient way of dynamically altering an active ruleset. Whereas a table is used to hold a dynamic list of addresses, a sub ruleset is used to hold a dynamic set of rules. A sub ruleset is attached to the main ruleset by using an anchor.
|
No third-party tool is needed.