Date: Fri, 27 Apr 2007 12:09:27 -0700
From: snowcrash <schneecrash+pf@gmail.com>
To: "Jon Simola" <jsimola@gmail.com>
Cc: freebsd-pf@freebsd.org
Subject: Re: why are pf-blocked ips 'leaking' thru to spamd?
Message-ID: <70f41ba20704271209v12019809xabdebbf1adbc12d6@mail.gmail.com>
In-Reply-To: <8eea04080704271154q4a714cdre3adc5c009e52d5c@mail.gmail.com>
References: <70f41ba20704271105m11fa5315kc7c3d715f2d63f61@mail.gmail.com> <8eea04080704271127g70d910bfg82ec652a0c6889bf@mail.gmail.com> <70f41ba20704271143i962a7d3r821ddd34a4409f53@mail.gmail.com> <8eea04080704271154q4a714cdre3adc5c009e52d5c@mail.gmail.com>

> On OpenBSD, I use spamd-setup which does exactly that with the
> whitelist/blacklist tables.

good point. spamd-setup is, of course, available on FreeBSD as well.

in my specific case, <ip-black> is already populated in / use by pf
elsewhere, so populating spamd's table with it too seemed wasteful.

hence, i was flopping around trying to get-it-done 'just' in pf, not spamd.

anyway, reading, the 'no rdr' seems like the solution. again, thanks!

one add'l question ... iiuc, i could either

(1)
    no rdr from <ip-black> to any
    ... other rdr stuff ...
    block quick <ip-black>
    block all

(2)
    no rdr pass from <ip-black> to any
    ... other rdr stuff ...
    block all

where (2) seems more efficient. IF i understand correctly ...

comments on the two above?

> One could probably hack up a cron-able sed/awk/perl thingy to read
> from 2 tables, mash up the contents however you wish, and fill a 3rd
> table with the result.

yup. i do that for 'assembling' country-blocks from a list of countries.

best, though, that i actually understand what i'm doing IN pf first, though ;-)

cheers!
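
Added example, not part of the original message or of either poster's setup: a cron-able sketch of the "read from 2 tables, fill a 3rd" approach mentioned above. The function names are hypothetical and table names are passed as arguments; only `pfctl -t <table> -T show` and `pfctl -t <table> -T replace -f <file>` are pfctl's own.

```shell
#!/bin/sh
# Added example: combine two pf tables into a third.
# Helper names are hypothetical; table names come from the caller.

# Clean `pfctl -T show` style output: drop comments, whitespace, blank lines.
normalize() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d'
}

# Union of two address lists (files), one entry per line, de-duplicated.
table_union() {
    cat "$1" "$2" | normalize | sort -u
}

# Entries of list $1 that are absent from list $2 (e.g. blacklist minus
# whitelist). Comparison is textual: 192.0.2.1 and 192.0.2.1/32 differ.
table_minus() {
    a=$(mktemp) b=$(mktemp)
    normalize < "$1" | sort -u > "$a"
    normalize < "$2" | sort -u > "$b"
    comm -23 "$a" "$b"
    rm -f "$a" "$b"
}

# Dump two live tables, merge them, and replace the contents of a third.
# Needs root and a running pf. The destination is only touched if both
# dumps and the merge succeeded, so a failed read never empties it.
merge_pf_tables() {
    src1=$1 src2=$2 dst=$3
    tmp=$(mktemp -d) || return 1
    pfctl -t "$src1" -T show > "$tmp/1" &&
    pfctl -t "$src2" -T show > "$tmp/2" &&
    table_union "$tmp/1" "$tmp/2" > "$tmp/out" &&
    pfctl -t "$dst" -T replace -f "$tmp/out"
    rc=$?
    rm -rf "$tmp"
    return $rc
}
```

Sourced from a cron script, a call would look like `merge_pf_tables ip-black other-table combined-table`, where the last two names are placeholders.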