PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015 | ||
---|---|---|
Prev | Next |
It's possible to generate tags based on these variables:
$if - The interface.
$srcaddr - The source IP address.
$dstaddr - The destination IP address.
$srcport - The source port specification.
$dstport - The destination port specification.
$proto - The protocol name.
$nr - The rule number.
pass in on $int_if from $int_if:network tag "$srcaddr-$if-$nr" # [ ... ] pass out on $ext_if tagged "2001:16d8:ccbc:baad::/64-ral0-0"
NOTE: These expand at ruleset load time.