From: Agus
To: Mel
Cc: freebsd-questions@freebsd.org
Date: Mon, 17 Sep 2007 13:45:31 -0300
Subject: Re: How to add rule with pfctl...

2007/9/15, Mel:
> On Saturday 15 September 2007 23:18:17 Agus wrote:
>
> > I am trying to figure out how to add a firewall rule with pfctl...
> > This is what I'm trying to do...
> >
> > I've got SEC that matches certain pattern and takes the IP from that and
> > want to trigger a firewall rule to block that IP...
> > Then after a couple of hours SEC will trigger the command to un-block the
> > IP...
> > So what I need is the command to block an IP address from command line,
> > not touching any pf.conf...
>
> If you don't need to add a rule but an IP, then tables are your friend.
> Example for /etc/pf.conf:
> # Placeholder for spammers table, non-routable network IP.
> table <spammers> persist { 192.168.111.111 }
> # Block this traffic
> block return-rst in log on $ext_if proto tcp from <spammers> port smtp
>
> Then on the command line:
> /sbin/pfctl -t spammers -Tadd ip.from.new.spammer
> And to delete:
> /sbin/pfctl -t spammers -Tdel ip.from.old.spammer
>
> --
> Mel

Hi,

I put this in /etc/pf.conf:

external_addr="192.168.1.11"

which is the address of the only interface. This machine isn't a router.

block drop in quick on $ext_if inet proto tcp from 192.168.0.1 to $external_addr port ssh

But when I try to connect from 192.168.0.1, I connect with no problems... this rule is to block access.
What am I doing wrong? It is my first time with pf...

Thanks...
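
One way to drive the table commands from Mel's reply out of SEC, as an added example that is not part of the original thread: the address SEC extracts comes from log text a remote party can influence, so the wrapper checks it before it reaches a root-run pfctl and refuses to block allowlisted hosts. The script name pf-table.sh, the functions valid_ipv4 and pf_table, and the PFCTL, TABLE and ALLOW variables are assumptions; it handles IPv4 only and uses the documented `-T add` / `-T delete` spelling.

```sh
#!/bin/sh
# Added example: wrapper for SEC to call instead of running pfctl directly.
# PFCTL, TABLE and ALLOW are assumptions; PFCTL="echo pfctl" gives a dry run.
PFCTL="${PFCTL:-/sbin/pfctl}"
TABLE="${TABLE:-spammers}"                  # table name from Mel's pf.conf
ALLOW="${ALLOW:-127.0.0.1 192.168.1.11}"    # constructed list: never block these

# Succeed only for a dotted-quad IPv4 address, octets 0..255, no leading zeros.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # only digits and single dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Usage: pf_table add|delete ADDRESS
pf_table() {
    action=$1
    addr=$2
    case "$action" in
        add|delete) ;;
        *) echo "usage: pf_table add|delete ADDRESS" >&2; return 64 ;;
    esac
    if ! valid_ipv4 "$addr"; then
        echo "refusing malformed address" >&2
        return 65
    fi
    if [ "$action" = add ]; then
        case " $ALLOW " in
            *" $addr "*) echo "refusing allowlisted address $addr" >&2; return 66 ;;
        esac
    fi
    # $PFCTL is left unquoted on purpose so the dry-run value can hold two words.
    $PFCTL -t "$TABLE" -T "$action" "$addr"
}

# Run only when arguments are given, e.g. from SEC: pf-table.sh add 203.0.113.7
if [ "$#" -gt 0 ]; then
    pf_table "$@"
fi
```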