From owner-freebsd-questions@freebsd.org Tue Mar 28 08:47:31 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8DA1FD219DA for ; Tue, 28 Mar 2017 08:47:31 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: from mail-qk0-x22c.google.com (mail-qk0-x22c.google.com [IPv6:2607:f8b0:400d:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48D22D0E for ; Tue, 28 Mar 2017 08:47:31 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: by mail-qk0-x22c.google.com with SMTP id r142so30714252qke.2 for ; Tue, 28 Mar 2017 01:47:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Af8G9nJ8+YbXUevC0CMq17Pe2odpTj+uYKR8ToSbS5E=; b=rt4oCuMstpj0/hbhLFGGITnxsvFI+evHV0qcXTjyF3H4zkLjvgebCZ/MDuTRvIHju8 K94lHFsuLUSYdFL50tEk2SV5zO9QAgjjcColLV8b2jOu68UGtewKR14QEnJdZHGvS+nP piLKlnC8orMrdQwRQjwt+7C/V8/350lnXqwm3rt3NPWhsPyWaKLhRfKqrdP+yccIPY+o rqMmm4APYaMTixDMFibgSKRTA/xJIsnH8aJFhJ0dc+Hn1so6KBSxpgC0ZpwDu4rEFo0k KxPgQJFgp9oCgGhRrjHmOFemvCMbLO19BoNfyWwRcEeiZrKcme+7yzl3R2v13usOOTWV hnNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Af8G9nJ8+YbXUevC0CMq17Pe2odpTj+uYKR8ToSbS5E=; b=S8GfOmQiTifemXxosTRF6XU5bh//MrYHchHJFD9VfDajVGUdQngPupaqZyk2yn9K/o XzEysFtcRrHhfNo8yBrjJhnkcI6lHEnFgi6EAhl8u2+rVpa5Y+q8nwH1o63ZM8on297N HBNl3WuSIZ3LVoFBkzC/6fdMP2GNYbm6Oj99tAsy1/r1l5JN1ckGUxwbrM1cLXkUQ8N4 ZwCYOOq8H8Hb62LMUyTDpj+BPt2OFFcPZBkzUuwcmbPJnSQAy8cO1HegzpsrtzVcwhSu rStCtDeVLtAcCZ4o1msEEk9jS5dW0Ul4h2+PFJb4z9jZKAIOPsUDWivf5N3tD0eKtXF+ a21g== X-Gm-Message-State: AFeK/H1VRHv32LdQA0tIVKtH7YngHYU98Epg4HdEMiQVRgurKBICPa/lCUbgzR2vJJoGiAe1dx1ezoNEw7xxIw== X-Received: by 10.233.239.151 with SMTP id d145mr11619592qkg.313.1490690850519; Tue, 28 Mar 2017 01:47:30 -0700 (PDT) MIME-Version: 1.0 Received: by 10.12.180.6 with HTTP; Tue, 28 Mar 2017 01:47:30 -0700 (PDT) In-Reply-To: <20170327171959.405bbfbb@archlinux.localdomain> References: <20170327170941.59c84eec@archlinux.localdomain> <20170327171959.405bbfbb@archlinux.localdomain> From: krad Date: Tue, 28 Mar 2017 09:47:30 +0100 Message-ID: Subject: Re: Two pf questions To: Ralf Mardorf , dave.mehler@gmail.com Cc: FreeBSD Questions Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Mar 2017 08:47:31 -0000 I didnt think you could get duplicate addresses in pf tables, so please clarify if you are or not. (i suspect not) The problem probably is that you are appending to you file not overwriting it. So drop the double > ie pfctl -t bruteforce -T show | sort -u > /etc/pf/bruteforce This will obviously loose the old contents of the file which you might not want, however you could just make sure you loaded the contents of the file into the table before you dump it On 27 March 2017 at 16:19, Ralf Mardorf via freebsd-questions < freebsd-questions@freebsd.org> wrote: > On Mon, 27 Mar 2017 17:09:41 +0200, Ralf Mardorf wrote: > >On Mon, 27 Mar 2017 10:37:49 -0400, David Mehler wrote: > >>pfctl -t bruteforce -T show >> /etc/pf/bruteforce > >> > >>the problem is that I'm getting duplic addresses. The table has > >>fifteen addresses in memory but 75 in the table there's no unique > >>sorting, any ideas on how? I only want unique IP's in the on disk > >>table to avoid redundant addresses > > > >cp /etc/pf/bruteforce /tmp/foobar.txt > >pfctl -t bruteforce -T show >> /tmp/foobar.txt > >sort -u /tmp/foobar.txt > /etc/pf/bruteforce > > PS: I don't know how your tools work, so perhaps you only need to pipe > the "new", assuming the tools shouldn't provide their own options to do > the same ;). > > pfctl -t bruteforce -T show | sort -u >> /etc/pf/bruteforce > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" >