Date: Mon, 21 Jan 2008 12:53:48 +0200 From: Tim Priebe <tim@priebe.alt.na> To: freebsd-security@freebsd.org Cc: Jordi Espasa Clofent <jordi.espasa@opengea.org> Subject: Re: denyhosts-like app for MySQLd? Message-ID: <200801211253.48663.tim@priebe.alt.na> In-Reply-To: <47947587.2010106@opengea.org> References: <47946AD3.2020601@opengea.org> <200801211226.51852.tim@priebe.alt.na> <47947587.2010106@opengea.org>
index | next in thread | previous in thread | raw e-mail
On Monday 21 January 2008 12:35:51 pm Jordi Espasa Clofent wrote: > > Hi, > > > > There is a functionality in pf, that allows you to have an application to > > update a list of hosts, that is used in a rule. You could have a script > > harvest the addresses from your log files, and then update the table in > > pf. I have not tried it myself, but was looking at adopting an > > implementation to create a tarpit for spammers based on this idea. > > Yes Tim, I know it. The "problem" is the servers are builded in IPFW as > firewall solution. > I've tried the "limit" IPFW's option... but isn't exactly what I'm > looking for. As far as I know you can run both. You can just have minimal rules in pf to deal with this, and pass everything else, and deal with the rest in ipfw.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801211253.48663.tim>