Troubles with PF Tables

Peter Wullinger peter.wullinger at gmail.com
Wed Sep 6 16:04:03 UTC 2006


2006/9/6, Владимир Капустин <msgs_for_me at mail.ru>:
> I have a table "spamers", which is renewed by cron with the help of an easy script:
>
> cp /home/netup/spamers /pf/spamers;
> pfctl -d;
> sleep 15;
> pfctl -e -f /etc/pf.conf;

See the manpage for pfctl(8). You can update a table without having to
reload the entire ruleset:

# pfctl -t spamers -T replace -f /pf/spamers

I use this with trojan port blocklists quite successfully.

> But after that, the table "spamers" actually has no changes.
>
> If I do the same manually (disable & enable PF), the changes take effect.
> How can I implement some automation of this process?

I cannot really verify this here. "pfctl -e -f" seems to correctly enable
the packet filter and load the new ruleset. A short glance at pfctl-source
seems to confirm that this works correctly.

Cheers,
  Peter
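
An added example, not part of the original message: a cron wrapper around the `pfctl -t ... -T replace -f` command above that filters the list first and refuses to load an empty result, so a truncated or malformed file does not silently empty the table. The function names, the temp-file path and the IPv4-only filter are assumptions of this example.

```shell
#!/bin/sh
# Added example: validate a blocklist before replacing a pf table from cron.

# Print only lines that are an IPv4 address or IPv4 CIDR block.
# Comments, blank lines and anything else are dropped (IPv4 only: assumption).
clean_list() {
    awk '
    {
        sub(/#.*/, "")                    # strip trailing comments
        gsub(/^[ \t]+|[ \t\r]+$/, "")     # trim whitespace and CR
        if ($0 == "") next
        n = split($0, p, "/")
        if (n > 2) next
        if (n == 2 && (p[2] !~ /^[0-9]+$/ || p[2] > 32)) next
        if (split(p[1], o, ".") != 4) next
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] > 255) next
        print
    }' "$1"
}

# update_table TABLE FILE: replace TABLE with the validated contents of FILE.
update_table() {
    tmp=$(mktemp /tmp/pftable.XXXXXX) || return 1
    clean_list "$2" > "$tmp"
    if [ ! -s "$tmp" ]; then
        echo "refusing to load empty list from $2" >&2
        rm -f "$tmp"
        return 1
    fi
    rc=0
    pfctl -t "$1" -T replace -f "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Run from cron as: script TABLE FILE
if [ "$#" -eq 2 ]; then
    update_table "$1" "$2"
fi
```

A non-zero exit status means the table was left untouched or pfctl reported an error, which cron can mail to the administrator.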

