ipfirewall tricks
Giorgos Keramidas
keramida at ceid.upatras.gr
Wed May 3 14:10:04 UTC 2006
On 2006-05-02 20:41, Atom Powers <atom.powers at gmail.com> wrote:
>On 5/2/06, Bryan Curl <bc3910 at gmail.com> wrote:
>>I want to limit time my kids spend on the internet.
>>The way I am doing it is to make varying, seperate ipf.rules files and
>>install them from cron at the appropriate time.
>>Problem is, if I make a change to one file, I generally have to update all
>>the others accordingly.
>>
>>Is there a better way? I have read man ipf but didnt come out with any
>>ideas.
>
> I would use pf and have something like this:
>
> pf.conf
> ----
> block out all from <kids> to any
> ----
>
> crontab
> ----
> pfctl -t kids -T add kids.ip.to.block
> pfctl -t kids -T del kids.ip.to.allow
> ----
>
> You can also keep the IPs in a flat file and just tell pf to re-read
> the file (or read a different file) to update the table.
Ah, neat trick. This is exactly why tables are so cool :)
More information about the freebsd-questions
mailing list