openbsd5.3-beta, pf.conf, new keyword : once

openbsd5.3-beta, pf.conf, new keyword : once

Wesley MOUEDINE ASSABY
Hi,

I just saw this in the pf.conf manpage:

once    Creates a one shot rule that will remove itself from an active
        ruleset after the first match.  In case this is the only rule in
        the anchor, the anchor will be destroyed automatically after the
        rule is matched.

It is an excellent feature, is it possible to have an example of use?

Cheers,

Wesley.

Re: openbsd5.3-beta, pf.conf, new keyword : once

Wesley MOUEDINE ASSABY
On 2013-02-22 16:52, Scott McEachern wrote:

> On 02/22/13 07:43, Wesley M.A. wrote:
>> Hi,
>>
>> I just saw this in the pf.conf manpage:
>>
>> once    Creates a one shot rule that will remove itself from an active
>>         ruleset after the first match.  In case this is the only rule in
>>         the anchor, the anchor will be destroyed automatically after the
>>         rule is matched.
>>
>> It is an excellent feature, is it possible to have an example of use?
>>
>> Cheers,
>>
>> Wesley.
>>
>
> Actually it was put in about a year and a half ago:
>
> http://www.openbsd.org/cgi-bin/cvsweb/src/share/man/man5/pf.conf.5.diff?r1=1.507;r2=1.508;f=h

my fault!

>
> Nitpicking aside, thanks for mentioning it... I didn't know about it
> either until now!

;-)

--
Wesley

Re: openbsd5.3-beta, pf.conf, new keyword : once

Voland Levit
In reply to this post by Wesley MOUEDINE ASSABY
On Fri, Feb 22, 2013 at 04:43:35PM +0400, Wesley M.A. wrote:

> Hi,
>
> I just saw this in the pf.conf manpage:
>
> once    Creates a one shot rule that will remove itself from an active
>         ruleset after the first match.  In case this is the only rule in
>         the anchor, the anchor will be destroyed automatically after the
>         rule is matched.
>
> It is an excellent feature, is it possible to have an example of use?

For testing purposes, for DIY port knocking...
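
One way a DIY port-knocking helper could use `once`, as an added example that is not from any poster in this thread or from the OpenBSD project: it validates the knocking address, then loads a single one-shot pass rule into an anchor. The anchor name `knock`, the `egress` interface group, the helper function names and the address 198.51.100.7 (a documentation address) are assumptions.

```shell
#!/bin/sh
# Added example. Assumes the main ruleset in pf.conf contains:
#   anchor "knock"
ANCHOR="knock"   # hypothetical anchor name

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255, so text
# from an untrusted knock source can never be spliced into the rule.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac      # no leading zeros
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# once_rule ADDR PORT: print a one-shot pass rule, or fail on bad input.
# The first matching packet creates state for the connection; per the
# manpage text quoted above, the rule then removes itself.
once_rule() {
    is_ipv4 "$1" || return 1
    case "$2" in ""|*[!0-9]*) return 1 ;; esac
    [ ${#2} -le 5 ] && [ "$2" -ge 1 ] && [ "$2" -le 65535 ] || return 1
    printf 'pass in quick on egress inet proto tcp from %s to any port %s once\n' "$1" "$2"
}

# open_once ADDR PORT: load the rule into the anchor (root, OpenBSD only).
# "pfctl -a ANCHOR -f -" replaces the anchor's rules, so only one
# one-shot rule is pending at a time.
open_once() {
    rule=$(once_rule "$1" "$2") || { echo "rejected: $1 $2" >&2; return 1; }
    printf '%s\n' "$rule" | pfctl -a "$ANCHOR" -f -
}

# Show the rule that a valid knock from 198.51.100.7 would load for ssh.
once_rule 198.51.100.7 22
```

After a knock, `pfctl -a knock -s rules` shows whether the one-shot rule is still pending.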