From: "skeletor@lissyara.su"
Date: Tue, 11 Feb 2014 17:07:21 +0200
To: freebsd-pf@freebsd.org
Subject: pf block IP immediately
Message-ID: <52FA3CA9.30806@lissyara.su>

Hello.

I have a FreeBSD 9.2 amd64 system with pf (built into the kernel). Can pf block some IP (sessions) immediately?

The following rules can block only new sessions, but currently open sessions stay open as long as they are kept open by the IP:

    block quick from X.X.X.X to any
    block quick from any to X.X.X.X

Also, I can do pfctl -F sessions, but it flushes all sessions of all users. tcpdrop does not show these sessions, because they are NAT sessions.

Thanks.