Program to add/delete a rule from pf

Rajkumar S rajkumars at gmail.com
Wed Jul 19 06:51:29 UTC 2006


On 7/19/06, Travis H. <solinym at gmail.com> wrote:
> Another way is to use my dfd_keeper program, located at my homepage
> below.  It allows you to make arbitrary modifications to the pf rules.
> It doesn't use ioctls; it remembers all the rules, makes modifications
> to them at run-time, and re-loads the ruleset completely.  No anchors
> are really necessary, but you might want to use a few so you can
> "patch" the ruleset temporarily without modifying your dfd_keeper
> script (I provide the library, you provide the client script).  There
> is an example.  It's meant for making run-time rule changes, and even
> takes care of things like flushing states if you remove a pass rule,
> etc.  I would appreciate feedback on it.

Thanks for the link, but there are a couple of problems preventing me
from using it.

1. My motive is to get a snortsam plugin for FreeBSD pf to block an
offending connection, and contribute it back to snortsam. So I do not
want to use Zope or Twisted.

2. The license of the code does not permit me to contribute it back to
snortsam, which is BSD licensed.

Btw, is there any other program (other than pfctl) that interfaces
with pf using ioctl to add a rule (not a table entry), so that I can
look into the code?

raj
