From owner-freebsd-questions@FreeBSD.ORG  Tue Sep 25 14:22:51 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 597E616A41B
	for <questions@freebsd.org>; Tue, 25 Sep 2007 14:22:51 +0000 (UTC)
	(envelope-from danm@prime.gushi.org)
Received: from prime.gushi.org (prime.gushi.org [72.9.101.130])
	by mx1.freebsd.org (Postfix) with ESMTP id 0352513C458
	for <questions@freebsd.org>; Tue, 25 Sep 2007 14:22:50 +0000 (UTC)
	(envelope-from danm@prime.gushi.org)
Received: from prime.gushi.org (localhost [127.0.0.1])
	by prime.gushi.org (8.13.8/8.13.8) with ESMTP id l8PEMnGV055798
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <questions@freebsd.org>; Tue, 25 Sep 2007 10:22:49 -0400 (EDT)
	(envelope-from danm@prime.gushi.org)
DKIM-Signature: v=0.5; a=rsa-sha1; c=simple/simple; d=prime.gushi.org;
	s=primegushiorg; t=1190730169; bh=igRu0oKAfehxbq9aVgHr0C+S+EM=;
	h=DomainKey-Signature:
	Received:Date:From:To:Subject:Message-ID:MIME-Version:
	Content-Type; b=lUH6lVpkY7eEUFPS3ZKbKg0GIz8XZ2PcvA/998CF9GOW/LYHdJ
	W2SRqzy3255pb15BgoJOLC+dYP+/quVVvycQ==
DomainKey-Signature: a=rsa-sha1; s=primegushiorg; d=prime.gushi.org; c=nofws;
	q=dns; 
	h=received:date:from:to:subject:message-id:mime-version:content-type;
	b=SZYpKE/B0dZnRlgwSBCemOPSUo+xGqCmrSDOi0NAE9X/6MV+NMKooWDAFIMyPeTYx
	93ECo621St/Riam4IijKw==
Received: (from danm@localhost)
	by prime.gushi.org (8.13.8/8.13.8/Submit) id l8PEMmrn055783;
	Tue, 25 Sep 2007 10:22:48 -0400 (EDT) (envelope-from danm)
Date: Tue, 25 Sep 2007 10:22:48 -0400 (EDT)
From: "Dan Mahoney, System Admin" <danm@prime.gushi.org>
To: questions@freebsd.org
Message-ID: <20070925101542.T50931@prime.gushi.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: 
Subject: IPFW with DNSBL
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Sep 2007 14:22:51 -0000

Hey all,

Has anyone found a way to have ipfw work with a DNS blocklist?

I realize the core functionality is not in IPFW, but I am thinking 
somehow, of having a table dynamically maintained by some kind of divert 
daemon?

Couple this with some kind of a connection delay (perhaps also in the 
divert pipe), and this could be potentially useful.

Also, could someone please commit a table-save-state startup/shutdown 
script for ipfw as exists in pf?

Thanks,

Dan Mahoney

--

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------