Date:      Thu, 19 Feb 2009 21:59:35 -0800
From:      Bakul Shah <bakul@bitblocks.com>
To:        net@freebsd.org
Subject:   A more pliable firewall
Message-ID:  <20090220055936.035255B1B@mail.bitblocks.com>

I am wondering if there is a more dynamic and scriptable
firewall program.  The idea is to send it alerts (with sender
host address) whenever a DNS probe fails or ssh login fails
or smtpd finds it has been fed spam or your website is fed
bad URLs.  This program will then update the firewall after a
certain number of attempts have been made from a host within
a given period.

Right now, when I find bad guys blasting packets at me, I add
a rule to pf.conf to drop all packets from these hosts but
all this manual editing is getting old and the internet is
getting more and more like the Wild West crossed with the
Attack of the Zombies.
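
The thresholding the message asks for (alerts carrying a sender address, and a firewall update once a host has triggered a certain number within a given period), as an added example that is not part of the original message. The table name `badhosts`, the names `AlertTracker` and `commands_for`, the threshold and window values, and the sample alerts are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque

# Assumed table name. pf.conf would need:
#   table <badhosts> persist
#   block in quick from <badhosts>
PF_TABLE = "badhosts"

class AlertTracker:
    """Counts alerts per host in a sliding window and decides when to block."""
    def __init__(self, threshold=3, window=600, allow=("127.0.0.0/8",)):
        self.threshold, self.window = threshold, window
        self.allow = [ipaddress.ip_network(n) for n in allow]  # never block these
        self.events = defaultdict(deque)  # address -> timestamps of recent alerts
        self.blocked = set()

    def report(self, host, ts):
        """Record one alert; return a pfctl argv list once the host crosses the threshold."""
        try:
            addr = ipaddress.ip_address(host)  # only real addresses reach pfctl
        except ValueError:
            return None
        if addr in self.blocked or any(addr in net for net in self.allow):
            return None
        q = self.events[addr]
        q.append(ts)
        while q[0] <= ts - self.window:  # forget alerts older than the window
            q.popleft()
        if len(q) < self.threshold:
            return None
        self.blocked.add(addr)
        del self.events[addr]
        return ["pfctl", "-t", PF_TABLE, "-T", "add", str(addr)]

def commands_for(alerts, tracker):
    """Feed (timestamp, service, host) alerts through the tracker; collect commands."""
    cmds = (tracker.report(host, ts) for ts, _service, host in alerts)
    return [c for c in cmds if c]

# Constructed sample alerts (documentation addresses), not real traffic.
SAMPLE_ALERTS = [
    (0, "sshd", "192.0.2.10"), (30, "smtpd", "192.0.2.10"),
    (45, "httpd", "198.51.100.7"), (60, "named", "192.0.2.10"),  # 3rd in 600 s
    (90, "sshd", "192.0.2.10"),      # already blocked, ignored
    (95, "sshd", "127.0.0.1"), (96, "sshd", "127.0.0.1"), (97, "sshd", "127.0.0.1"),
    (100, "httpd", "bogus-host"),    # not an address, ignored
    (700, "sshd", "198.51.100.7"), (710, "sshd", "198.51.100.7"),  # alert at 45 expired
]

if __name__ == "__main__":
    for cmd in commands_for(SAMPLE_ALERTS, AlertTracker()):
        print(" ".join(cmd))
```

The returned argv lists are meant to be executed by a privileged caller; adding addresses to a pf table avoids rewriting and reloading pf.conf for every offender.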
