Date: Thu, 1 Oct 2009 15:41:34 +0200 From: Ollivier Robert <roberto@keltia.freenix.fr> To: freebsd-pf@freebsd.org Subject: Re: something like bruteblock for pf? Message-ID: <20091001134134.GD1539@rron.freenix.org> In-Reply-To: <200908230132343.SM01728@W500.Go2France.com> References: <200908230132343.SM01728@W500.Go2France.com>
next in thread | previous in thread | raw e-mail | index | archive | help
According to Len Conrad: > Anybody know of anything similar for pf? postdandee does such manipulations for Postfix and you can configure it to add/remove pf rules for each address. http://traveler.com.br/blogs/ze/postdandee/ ----- ... my $BLOCKHOSTCOMMAND = 'pfctl -qt blackhole -Tadd $offendingHost 2>\&1 > /dev/null'; my $RELEASEHOSTCOMMAND = 'pfctl -qt blackhole -Tdelete $offendingHost 2>\&1 > /dev/null'; # $ROUTECHECKCOMMAND : # the command you'd like to use when checking for existing routes # postdandee will not try to add a route over an existing one my $ROUTECHECKCOMMAND = 'pfctl -qt blackhole -Tshow'; ... ----- -- Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.freenix.fr In memoriam to Ondine : http://ondine.keltia.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091001134134.GD1539>