Date: Mon, 21 Jan 2008 12:53:48 +0200 From: Tim Priebe <tim@priebe.alt.na> To: freebsd-security@freebsd.org Cc: Jordi Espasa Clofent <jordi.espasa@opengea.org> Subject: Re: denyhosts-like app for MySQLd? Message-ID: <200801211253.48663.tim@priebe.alt.na> In-Reply-To: <47947587.2010106@opengea.org> References: <47946AD3.2020601@opengea.org> <200801211226.51852.tim@priebe.alt.na> <47947587.2010106@opengea.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 21 January 2008 12:35:51 pm Jordi Espasa Clofent wrote: > > Hi, > > > > There is a functionality in pf, that allows you to have an application to > > update a list of hosts, that is used in a rule. You could have a script > > harvest the addresses from your log files, and then update the table in > > pf. I have not tried it myself, but was looking at adopting an > > implementation to create a tarpit for spammers based on this idea. > > Yes Tim, I know it. The "problem" is the servers are builded in IPFW as > firewall solution. > I've tried the "limit" IPFW's option... but isn't exactly what I'm > looking for. As far as I know you can run both. You can just have minimal rules in pf to deal with this, and pass everything else, and deal with the rest in ipfw.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801211253.48663.tim>