How to add rule with pfctl...

Mel fbsd.questions at rachie.is-a-geek.net
Sat Sep 15 14:36:29 PDT 2007


On Saturday 15 September 2007 23:18:17 Agus wrote:

> I am trying to figure out how to add a firewall rule with pfctl...
> This is what I'm trying to do...
>
> I've got SEC that matches certain pattern and takes the IP from that and
> want to trigger a firewall rule to block that IP....
> Then after a couple of hours SEC will trigger the command to un-block the
> IP...
> So what I need is the command to block an IP address from command line, not
> touching any pf.conf....

If you don't need to add a rule but an IP, then tables are your friend.
Example for /etc/pf.conf:
# Interface macro used below (assumption: replace em0 with your external interface).
ext_if = "em0"
# Placeholder for spammers table, non-routable network IP.
table <spammers> persist { 192.168.111.111 }
# Block this traffic. "to any port smtp" matches the destination port; a bare
# "port smtp" after "from <spammers>" would match the spammer's source port,
# which an inbound SMTP client never uses.
block return-rst in log on $ext_if proto tcp from <spammers> to any port smtp

Then on the command line:
/sbin/pfctl -t spammers -Tadd ip.from.new.spammer
And to delete:
/sbin/pfctl -t spammers -Tdel ip.from.old.spammer

-- 
Mel
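A small wrapper that SEC (or cron) can call, added here as an example; it is not part of Mel's post or of pf/pfctl. It assumes the <spammers> table from the pf.conf above. The point it adds to the table approach: the only thing between log content and a root-run pfctl command is SEC's regex, so the script refuses anything that is not a strict dotted-quad IPv4 address before passing it on; it also kills the blocked host's existing pf states, which adding an address to a table does not do by itself, and uses pfctl's own table expiry for the "unblock after a couple of hours" step so SEC does not have to remember what it blocked. The script name pfblock.sh, the PFCTL and PF_TABLE variables and the 203.0.113.x addresses are assumptions.

```shell
#!/bin/sh
# pfblock.sh: wrapper around pfctl table operations for use from SEC or cron.
# Added example, not from the original post. Assumes "table <spammers> persist"
# in pf.conf. PFCTL and PF_TABLE exist so the script can be exercised without pf.
#
#   pfblock.sh block   203.0.113.7   # add to table, drop its existing states
#   pfblock.sh unblock 203.0.113.7   # remove from table
#   pfblock.sh expire  7200          # drop entries older than 2h (run from cron)

PFCTL=${PFCTL:-/sbin/pfctl}
PF_TABLE=${PF_TABLE:-spammers}

# Strict dotted-quad IPv4 check: four decimal octets 0-255, no leading zeros,
# nothing else. Runs in a subshell so IFS and the positional parameters are
# not clobbered. Hostnames and CIDR blocks are deliberately rejected: SEC only
# ever extracts an address, and anything else is suspicious input.
is_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        case "$octet" in 0[0-9]*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
    done
    exit 0
)

pf_block() {
    is_ipv4 "$1" || { echo "refusing to block '$1': not an IPv4 address" >&2; return 2; }
    "$PFCTL" -t "$PF_TABLE" -T add "$1"
}

pf_unblock() {
    is_ipv4 "$1" || { echo "refusing to unblock '$1': not an IPv4 address" >&2; return 2; }
    "$PFCTL" -t "$PF_TABLE" -T delete "$1"
}

# Connections the spammer already has open are not affected by the table
# entry; pfctl -k <host> removes the states whose source is that host.
pf_kill_states() {
    is_ipv4 "$1" || return 2
    "$PFCTL" -k "$1"
}

# pfctl -T expire <seconds> removes entries whose statistics were last cleared
# (i.e. which were added or zeroed) more than that many seconds ago.
pf_expire() {
    case "$1" in
        ''|*[!0-9]*) echo "expire: need a number of seconds" >&2; return 2 ;;
    esac
    "$PFCTL" -t "$PF_TABLE" -T expire "$1"
}

main() {
    case "$1" in
        block)   pf_block "${2:-}" && pf_kill_states "${2:-}" ;;
        unblock) pf_unblock "${2:-}" ;;
        expire)  pf_expire "${2:-}" ;;
        *) echo "usage: $0 block|unblock <ipv4> | expire <seconds>" >&2; return 2 ;;
    esac
}

# Only act when invoked with a known action, so the file can also be sourced.
case "${1:-}" in
    block|unblock|expire) main "$@" ;;
esac
```

Check what ended up in the table with `pfctl -t spammers -T show` (`-vv` also prints per-entry counters and the "Cleared" timestamp that `-T expire` compares against). A cron entry such as `0 * * * * /usr/local/sbin/pfblock.sh expire 7200` then implements the timed unblock; if you would rather have SEC issue the unblock itself, the `unblock` action is what its second command should call.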

