Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Allow specifying pf_rules file to patch on init #181

Merged
merged 1 commit into from
Oct 19, 2021
Merged

Allow specifying pf_rules file to patch on init #181

merged 1 commit into from
Oct 19, 2021

Conversation

grembo
Copy link
Collaborator

@grembo grembo commented Oct 16, 2021

When altering more complex setups automatically, pot's
way of patching pf.conf is a bit too simplistic.

By adding this flag, the user has multiple choices of modifying
pf.conf in a controlled way:

  1. Write to a different file that's included in pf.conf
    using its include keyword.
  2. Write to a different file that's parsed by additional
    tooling to assemble a pf.conf (e.g., in automation).
  3. In setups where pots modifications serve no real purpose,
    running pot init -f '' can be used to skip touching
    pf.conf completely.

Help text intentionally shows the default to be determined
by a command, not the result of it.

This is the first patch of a series, with more complex ones
to follow, which serve the ultimate purpose of making pot's
networking more flexible/customizable using hooks, so it
can be integrated into different network environments (as
one size doesn't fit all).

@grembo
Allow specifying pf_rules file to patch on init
42f28de 
When altering more complex setups automatically, pot's
way of patching pf.conf is a bit too simplistic.

By adding this flag, the user has multiple choices of modifying
pf.conf in a controlled way:

1. Write to a different file that's included in pf.conf
   using its include keyword.
2. Write to a different file that's parsed by additional
   tooling to assemble a pf.conf (e.g., in automation).
3. In setups where pots modifications serve no real purpose,
   running `pot init -f ''` can be used to skip touching
   pf.conf completely.

Help text intentionally shows the default to be determined
by a command, not the result of it.

This is the first patch of a series, with more complex ones
to follow, which serve the ultimate purpose of making pot's
networking more flexible/customizable using hooks, so it
can be integrated into different network environments (as
one size doesn't fit all).
@grembo grembo force-pushed the init-pf-file-location branch from 95edf32 to 42f28de Compare October 16, 2021 20:37
pizzamig
pizzamig approved these changes Oct 19, 2021
View reviewed changes
Copy link
Collaborator

@pizzamig pizzamig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pizzamig pizzamig merged commit 15e944c into bsdpot:master Oct 19, 2021
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@pizzamig pizzamig pizzamig approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@grembo @pizzamig