I know nothing of creating a simple script file. My question is I just want to create a simple clickable script that you can place on a users desktop of some sort to echo text into a putty window after it loggs into the bsd router via ssh.

For example my router by default allows outgoing on 443 and 80, but say a user on Windows computer B for instance would like 21 open to access a file server or such. I just want that user to be able to click an icon on their desktop which will execute a putty script which logs in via ssh on the openBSD router then executing a "pfctl -f /etc/ftp.conf" and then exits automatically..

;;;;then once the user is done with the specified port, be able to re-execute another script going back to the original setup with only 443 and 80 outgoing.

the conf's on the router are created already I just need to know how to write the actual login scripts for the windows box's to make life much easier.

Can anyone point me in the right direction, it would be much appreciated.

gratefulhemp, you need someone to take on the responsibility for fw administrator for this type of thing.

I don't know of a safe way to implement what you're describing without giving that person a lot more power as a side-effect. (i.e. You can make them a sudoer to mess with fw rules, but that's a hell of a lot of power in of itself.)

Can you describe more the circumstances and business problem you're trying to solve? If you're comfortable opening port 21 for brief transfers, is there not a "safe" subnet you can add to the rules for access to that port?