Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow specifying pf_rules file to patch on init #181

Merged
merged 1 commit into from Oct 19, 2021
Merged

Allow specifying pf_rules file to patch on init #181

merged 1 commit into from Oct 19, 2021

Conversation

grembo
Copy link
Collaborator

@grembo grembo commented Oct 16, 2021

When altering more complex setups automatically, pot's
way of patching pf.conf is a bit too simplistic.

By adding this flag, the user has multiple choices of modifying
pf.conf in a controlled way:

  1. Write to a different file that's included in pf.conf
    using its include keyword.
  2. Write to a different file that's parsed by additional
    tooling to assemble a pf.conf (e.g., in automation).
  3. In setups where pots modifications serve no real purpose,
    running pot init -f '' can be used to skip touching
    pf.conf completely.

Help text intentionally shows the default to be determined
by a command, not the result of it.

This is the first patch of a series, with more complex ones
to follow, which serve the ultimate purpose of making pot's
networking more flexible/customizable using hooks, so it
can be integrated into different network environments (as
one size doesn't fit all).

@grembo
Allow specifying pf_rules file to patch on init
42f28de 
When altering more complex setups automatically, pot's
way of patching pf.conf is a bit too simplistic.

By adding this flag, the user has multiple choices of modifying
pf.conf in a controlled way:

1. Write to a different file that's included in pf.conf
   using its include keyword.
2. Write to a different file that's parsed by additional
   tooling to assemble a pf.conf (e.g., in automation).
3. In setups where pots modifications serve no real purpose,
   running `pot init -f ''` can be used to skip touching
   pf.conf completely.

Help text intentionally shows the default to be determined
by a command, not the result of it.

This is the first patch of a series, with more complex ones
to follow, which serve the ultimate purpose of making pot's
networking more flexible/customizable using hooks, so it
can be integrated into different network environments (as
one size doesn't fit all).
pizzamig
pizzamig approved these changes Oct 19, 2021
View reviewed changes
Copy link
Collaborator

@pizzamig pizzamig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pizzamig pizzamig merged commit 15e944c into bsdpot:master Oct 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pizzamig pizzamig pizzamig approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@grembo @pizzamig