Date:      Thu, 10 Jun 2004 08:46:37 -0400
From:      Don Bowman <don@sandvine.com>
To:        'Paul Mather' <paul@gromit.dlib.vt.edu>, khoi@oddworld.com
Cc:        freebsd-stable@freebsd.org
Subject:   RE: Port scan detection in ipfw2
Message-ID:  <FE045D4D9F7AED4CBFF1B3B813C85337051D8F53@mail.sandvine.com>

From: Paul Mather [mailto:paul@gromit.dlib.vt.edu]
> On Thu, 2004-06-10 at 00:11, Khoi Dinh wrote:
> 
> > Also, is ipfw2 able to allow/disallow traffic according to
> > time? i.e. If I wanted to allow http traffic only from 9am to 1pm, can I do
> > this with ipfw?  I've been looking all over the net looking for a solution
> > but haven't found one and was hoping that someone on the list could help me
> > out, even if the answer is "no, there are no such kernel-based features."
> 
> I don't believe there are any "kernel-based features" to do the above,
> but a reasonable solution to that problem would be to use two cron
> jobs.  One, run at 9am, would insert/remove rules using ipfw to allow
> HTTP traffic.  The other, run at 1pm, would insert/remove rules using
> ipfw to deny HTTP traffic.  You're probably already using cron to do log
> rotation via newsyslog, so leveraging that tool to rotate ipfw traffic
> policies shouldn't be beyond the pale...
> 
> Cheers,
> 
> Paul.

There was a patch to ipfw posted last year that gave time
to rules.
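
The two-cron-job approach in the quoted reply leaves the wrong policy in place if the host is down, or cron is not running, at 9am or 1pm. As an added example (not part of the original message or of ipfw itself), this script instead derives the desired state from the clock on every run and only changes the ruleset when it differs. Rule number 1000, the rule body, the script path, and a ruleset that otherwise denies inbound port 80 are assumptions.

```shell
#!/bin/sh
# Added example: keep one ipfw rule in step with a 09:00-13:00 HTTP window.
# Assumed: rule slot 1000 is free, and the rest of the ruleset denies
# inbound port 80, so deleting the rule closes HTTP.

IPFW="${IPFW:-/sbin/ipfw}"
RULE_NUM=1000
RULE_BODY="allow tcp from any to me 80 in"
OPEN=900     # 09:00, window start (inclusive)
CLOSE=1300   # 13:00, window end (exclusive)

# desired_state HHMM -> prints "open" or "closed"
desired_state() {
    # Strip leading zeros so "0859" is compared as 859.
    now=$(echo "$1" | sed 's/^0*//')
    now=${now:-0}
    if [ "$now" -ge "$OPEN" ] && [ "$now" -lt "$CLOSE" ]; then
        echo open
    else
        echo closed
    fi
}

# plan HHMM present|absent -> prints the ipfw command needed, or nothing
plan() {
    want=$(desired_state "$1")
    case "$want:$2" in
        open:absent)    echo "$IPFW -q add $RULE_NUM $RULE_BODY" ;;
        closed:present) echo "$IPFW -q delete $RULE_NUM" ;;
        *)              : ;;   # already in the desired state
    esac
}

# Compare the live ruleset with the clock and apply the difference.
reconcile() {
    if "$IPFW" list "$RULE_NUM" >/dev/null 2>&1; then have=present; else have=absent; fi
    cmd=$(plan "$(date +%H%M)" "$have")
    [ -z "$cmd" ] || $cmd
}

# Touches the firewall only when invoked with "run", e.g. from root's crontab:
#   */5 * * * * /usr/local/sbin/http_window.sh run
if [ "${1:-}" = "run" ]; then reconcile; fi
```

Because each run is idempotent, a missed 1pm job is corrected at the next run after the host or cron comes back, rather than leaving HTTP open until the following day.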


