Hi there,
I'm writing the /etc/pf.conf rules for my machine with both IPv4 and IPv6. My public interface has two IPs (inet and inet6).
Now, [FONT=Courier New]address 0[/FONT] is the public IPv4 and [FONT=Courier New]address 1[/FONT] is the public IPv6. There is a way to easily select only those addresses in pf.conf()?
Since this machine is provisioned in a cloud (Digital Ocean, for reference) I cannot change the interface settings and I'm trying to avoid to manually write the addresses in the rules.
I'm aware of using [FONT=Courier New]:0[/FONT], yet this select the "wrong" inet6 address. So far the best I can do is to use all of them with the following macro:
That's working, yet is not optimal.
Thank you very much.
Regards,
Nicholas
I'm writing the /etc/pf.conf rules for my machine with both IPv4 and IPv6. My public interface has two IPs (inet and inet6).
ifconfig output:
Code:
en0: flags=...
...
ether xx:...:xx
inet6 xx:ADDRESS_0:xx%en0 prefixlen 64 scopeid 0x1
inet 00.ADDRESS_0.00 netmask ...
inet6 xx:ADDRESS_1:xx prefixlen 64
inet 00.ADDRESS_1.00 netmask ...
...
status: activeNow, [FONT=Courier New]address 0[/FONT] is the public IPv4 and [FONT=Courier New]address 1[/FONT] is the public IPv6. There is a way to easily select only those addresses in pf.conf()?
Since this machine is provisioned in a cloud (Digital Ocean, for reference) I cannot change the interface settings and I'm trying to avoid to manually write the addresses in the rules.
I'm aware of using [FONT=Courier New]:0[/FONT], yet this select the "wrong" inet6 address. So far the best I can do is to use all of them with the following macro:
Code:
ext_if = "en0"
public_ip = "{" $ext_if "}"That's working, yet is not optimal.
Thank you very much.
Regards,
Nicholas