New pf install on Freebsd7 seem to be a slow starter.

Leslie Jensen leslie at eskk.nu
Thu Jul 10 13:52:41 UTC 2008


>>>> in your pf.conf and
>>>>
>>>> pfctl -t goodguys -T add \
>>>>  something.somewhere.com \
>>>>  somethingelse.somewhere.com \
>>>>   xxx.yyy.zzz.qqq &
>>>>
>>>> into your /etc/rc.local, so pf will start up without delays.
>>>>
>>> I forgot to mention that I'm on a FreeBSD 7 system so the rc.local thing 
>>> must go somewhere else, do you know where?
>>>
> LJ> If I've understood this right this will only be right at the time the
> LJ> machine starts. How do I get to know if the hosts change their 
> LJ> addresses. Should I invoke a cron job that does the same as you suggested?
> LJ> Thanks
> 
> Yes. Also you would have to clear the table before loading new IP
> addresses into it. Querying authoritative server with, for example
> `nslookup`, instead of relying on local resolver would make this thing
> more robust.
> 
> Regards,
>   Dennis.

Thank you Dennis.

I've started on a script to run as root from cron.

I need a little help to invoke the nslookup function and make it go into 
the goodguys table.

The flushing part I've got ;-)
But then what do I do?
----------------------------
#!/bin/sh
pfctl -F Tables

----------------------------

Thanks
/Leslie
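
Added example, not part of the original post or thread: one way to finish the cron job discussed above, resolving each host against an authoritative server and loading the result with `pfctl -T replace`, which swaps the table contents in one step so the table is never empty between a flush and an add. It uses `dig` in place of `nslookup` because its `+short` output is easier to parse; the name server `ns.somewhere.com` and the `apply` argument are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Host names are the thread's placeholders.
TABLE="goodguys"
HOSTS="something.somewhere.com somethingelse.somewhere.com"
NS="ns.somewhere.com"   # hypothetical: the authoritative server for HOSTS

# Ask the authoritative server directly; prints one answer per line.
resolve_host() {
    dig +short +time=3 +tries=2 A "$1" "@$NS" 2>/dev/null
}

# Pass through only well-formed dotted-quad IPv4 addresses, so CNAME targets
# or error text printed by the resolver never reach pfctl.
only_ipv4() {
    awk -F. 'NF == 4 {
        ok = 1
        for (i = 1; i <= 4; i++)
            if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) ok = 0
        if (ok) print
    }'
}

# Resolve every host. Fails if any host yields no address, so a DNS outage
# leaves the current table untouched instead of shrinking it.
collect_addrs() {
    addrs=""
    for h in $HOSTS; do
        found=$(resolve_host "$h" | only_ipv4)
        [ -n "$found" ] || { echo "no address for $h" >&2; return 1; }
        addrs="$addrs $found"
    done
    echo $addrs | tr ' ' '\n' | sort -u | xargs
}

# Replace the table contents in a single pfctl operation.
update_table() {
    new=$(collect_addrs) || return 1
    [ -n "$new" ] || return 1
    pfctl -t "$TABLE" -T replace $new
}

# From cron (as root): /path/to/this/script apply
case "${1:-}" in
    apply) update_table ;;
esac
```

Without the `apply` argument the script only defines its functions, so `collect_addrs` can be run by hand to see what would be loaded.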

