A more pliable firewall

Artyom Viklenko artem at aws-net.org.ua
Fri Feb 20 01:03:25 PST 2009


On Thu, 19 Feb 2009, Bakul Shah wrote:

> I am wondering if there is a more dynamic and scriptable
> firewall program.  The idea is to send it alerts (with sender
> host address) whenever a dns probe fails or ssh login fails
> or smtpd finds it has been fed spam or your website is fed
> bad urls.  This program will then update the firewall after a
> certain number of attempts have been made from a host within
> a given period.
>
> Right now, when I find bad guys blasting packets at me, I add
> a rule to pf.conf to drop all packets from these hosts but


Actually, you can use tables and add these IPs to tables
while leaving pf.conf untouched. The only thing to resolve
is to write some daemon which will receive notifications and update
pf tables. It should not be so hard to write such a piece
of software.


> all this manual editing is getting old and the internet is
> getting more and more like the Wild West crossed with the
> Attack of the Zombies.

-- 
            Sincerely yours,
                             Artyom Viklenko.
-------------------------------------------------------
artem at aws-net.org.ua | http://www.aws-net.org.ua/~artem
FreeBSD: The Power to Serve   -  http://www.freebsd.org
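
One way to build the daemon suggested in the reply above, as an added example that is not code from this thread: alerts arrive as one IP address per datagram on a local Unix socket, and a host is added to a pf table once it reaches a threshold within a sliding window. The table name `badhosts`, the socket path, the thresholds and the never-block list are assumptions.

```python
import ipaddress, os, socket, subprocess, time
from collections import defaultdict, deque

def pfctl_add(table, addr):
    # Needs root, plus (assumed) in pf.conf:
    #   table <badhosts> persist
    #   block in quick from <badhosts>
    subprocess.run(["pfctl", "-t", table, "-T", "add", addr], check=True)

class Blocker:
    def __init__(self, max_attempts=3, window=60.0, table="badhosts",
                 never_block=("127.0.0.1", "::1"), add=pfctl_add):
        self.max_attempts, self.window, self.table = max_attempts, window, table
        # Hosts that must never be blocked, even if alerts name them.
        self.never_block = {ipaddress.ip_address(a) for a in never_block}
        self.add = add
        self.events = defaultdict(deque)   # addr -> timestamps of recent alerts
        self.blocked = set()

    def report(self, text, now=None):
        """Record one alert; return True if it pushed the host into the table."""
        try:
            addr = ipaddress.ip_address(text.strip())  # only literal IPs reach pfctl
        except ValueError:
            return False
        if addr in self.never_block or addr in self.blocked:
            return False
        now = time.monotonic() if now is None else now
        q = self.events[addr]
        q.append(now)
        while now - q[0] > self.window:    # drop alerts older than the window
            q.popleft()
        if len(q) < self.max_attempts:
            return False
        self.add(self.table, str(addr))
        self.blocked.add(addr)
        del self.events[addr]
        return True

def serve(path="/var/run/pfalert.sock", blocker=None):
    """Read one IP address per datagram from a local Unix socket."""
    blocker = blocker or Blocker()
    if os.path.exists(path):
        os.unlink(path)
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as s:
        old = os.umask(0o177)              # socket is created mode 0600
        s.bind(path)
        os.umask(old)
        while True:
            blocker.report(s.recv(256).decode("ascii", "replace"))

if __name__ == "__main__":
    serve()
```

Alert sources whose sender address can be forged (UDP DNS probes, for instance) let a third party get an arbitrary host blocked, so the never-block list should cover your own management addresses and resolvers.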

