Bart Smit wrote:
>I often find myself changing several rules at once for groups of IP
>addresses/ranges that I think of in terms like "remote office networks",
>"family vpn", or "provider subnets".
>Maybe I'm stretching it too much (as I sometimes do), but wouldn't having
>the option of defining symbolic names for groups of hosts and networks be
>terribly handy? It will really simplify rule base maintenance, and it is
>easy to see how this could be unified with the current built-in
>pre-defined names such as "LAN subnet" and "PPTP clients".
Ew... I can't believe this was just posted... I was thinking about
this *just* last night that it would be nice to have rule sets that
could be applied. Saved rule configs... Whatever you want to call
them. So I second the motion.
In the house, we block outgoing port 80 and run all web requests through
a proxy server (to spare ourselves of the evils out there in the web).
But occasionally, we poke holes through for certain machines (in cases
where the proxy server doesn't work out for what we need), do what we
need to do, then reapply our "safety net" again. It would be nice to be
able to apply a "No Proxy" ruleset, then apply a "Use Proxy" rule set
that both twiddle the respective rules.
chris at technologEase dot com