A more pliable firewall
max at love2party.net
Fri Feb 20 05:30:15 PST 2009
On Friday 20 February 2009 09:28:49 Artyom Viklenko wrote:
> On Thu, 19 Feb 2009, Bakul Shah wrote:
> > I am wondering if there is a more dynamic and scriptable
> > firewall program. The idea is to send it alerts (with sender
> > host address) whenever a dns probe fails or ssh login fails
> > or smtpd finds it has been fed spam or your website is fed
> > bad urls. This program will then update the firewall after a
> > certain number of attempts have been made from a host within
> > a given period.
> > Right now, when I find bad guys blasting packets at me, I add
> > a rule to pf.conf to drop all packets from these hosts but
> Actually, you can use tables and add these IPs to tables
> while leaving pf.conf untouched. The only thing to resolve
> is to write some daemon which will receive notifications and update
> pf tables. It should not be so hard to write such a piece
> of software.
/usr/ports/net-mgmt/pftabled]> cat pkg-descr
The pftabled daemon is a small helper to make your pf
tables reachable from other hosts. You can add/delete/flush
IP addresses to/from a remote table with a single UDP
datagram. A simple client program is included to do this
from the command line.
> > all this manual editing is getting old and the internet is
> > getting more and more like the Wild West crossed with the
> > Attack of the Zombies.
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
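
Added example, not part of the original message and not pftabled's own code: a sketch of the logic the thread describes, counting alerts per sender address in a sliding time window and producing the pfctl command that adds the host to a pf table once a threshold is reached. The table name "badhosts", the threshold, the window and the sample alerts are assumptions made for the illustration.

```python
import ipaddress
import subprocess
from collections import defaultdict, deque

TABLE = "badhosts"   # hypothetical table; pf.conf needs `table <badhosts> persist` plus a block rule
MAX_ALERTS = 3       # assumed threshold: this many alerts from one host ...
WINDOW = 60.0        # ... within this many seconds


class AlertTracker:
    """Count alerts per source address in a sliding time window."""

    def __init__(self, max_alerts=MAX_ALERTS, window=WINDOW):
        self.max_alerts = max_alerts
        self.window = window
        self.seen = defaultdict(deque)   # address -> timestamps of recent alerts
        self.blocked = set()

    def alert(self, addr, now):
        """Record one alert; return the pfctl argv to run, or None."""
        try:
            ip = str(ipaddress.ip_address(addr.strip()))
        except ValueError:
            return None                  # log-derived input is untrusted: ignore non-addresses
        if ip in self.blocked:
            return None
        times = self.seen[ip]
        times.append(now)
        while now - times[0] > self.window:
            times.popleft()              # forget alerts older than the window
        if len(times) < self.max_alerts:
            return None
        self.blocked.add(ip)
        del self.seen[ip]
        return ["pfctl", "-t", TABLE, "-T", "add", ip]


def apply(argv, dry_run=True):
    """Run pfctl (needs root on a pf host); with dry_run only format the command."""
    if not dry_run:
        subprocess.run(argv, check=True)   # argv list, no shell: the address cannot inject commands
    return " ".join(argv)


if __name__ == "__main__":
    tracker = AlertTracker()
    # Constructed sample alerts: (time in seconds, sender address)
    for t, src in [(0, "192.0.2.7"), (10, "192.0.2.7"), (15, "198.51.100.2"), (20, "192.0.2.7")]:
        cmd = tracker.alert(src, t)
        if cmd:
            print(apply(cmd))
```

Because pf.conf only references the table, blocking a host this way needs no ruleset reload.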