something like bruteblock for pf?
Ollivier Robert
roberto at keltia.freenix.fr
Thu Oct 1 13:41:37 UTC 2009
According to Len Conrad:
> Anybody know of anything similar for pf?
postdandee does such manipulations for Postfix and you can configure it to
add/remove pf rules for each address.
http://traveler.com.br/blogs/ze/postdandee/
-----
...
my $BLOCKHOSTCOMMAND = 'pfctl -qt blackhole -Tadd $offendingHost 2>\&1 > /dev/null';
my $RELEASEHOSTCOMMAND = 'pfctl -qt blackhole -Tdelete $offendingHost 2>\&1 > /dev/null';
# $ROUTECHECKCOMMAND :
# the command you'd like to use when checking for existing routes
# postdandee will not try to add a route over an existing one
my $ROUTECHECKCOMMAND = 'pfctl -qt blackhole -Tshow';
...
-----
--
Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto at keltia.freenix.fr
In memoriam to Ondine : http://ondine.keltia.net/
More information about the freebsd-pf
mailing list