From 91eb82f9028050ec4f182ea05f667646612cf004 Mon Sep 17 00:00:00 2001 From: Reyk Floeter Date: Wed, 15 Aug 2018 11:46:21 +0200 Subject: [PATCH] Make the group egress optional (dynamic) in the initial pf rule --- agent/main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent/main.c b/agent/main.c index 7cf319a..003e896 100644 --- a/agent/main.c +++ b/agent/main.c @@ -619,7 +619,7 @@ agent_pf(struct system_config *sc, int open) return (0); if (open) - ret = shellout("pass out proto tcp from egress to port www\n", + ret = shellout("pass out proto tcp from (egress) to port www\n", NULL, "pfctl", "-f", "-", NULL); else ret = shellout("\n", NULL, "pfctl", "-f", "-", NULL);