Date: Thu, 10 Jun 2004 08:46:37 -0400
From: Don Bowman <don@sandvine.com>
To: 'Paul Mather' <paul@gromit.dlib.vt.edu>, khoi@oddworld.com
Cc: freebsd-stable@freebsd.org
Subject: RE: Port scan detection in ipfw2
Message-ID: <FE045D4D9F7AED4CBFF1B3B813C85337051D8F53@mail.sandvine.com>

From: Paul Mather [mailto:paul@gromit.dlib.vt.edu]
> On Thu, 2004-06-10 at 00:11, Khoi Dinh wrote:
>
> > Also, is ipfw2 able to allow/disallow traffic according to
> > time? ie. If I wanted to allow http traffic only from 9am to 1pm, can I do
> > this with ipfw? I've been looking all over the net looking for a solution
> > but haven't found one and was hoping that someone on the list could help me
> > out, even if the answer is "no, there are no such kernel-based features."
>
> I don't believe there are any "kernel-based features" to do the above,
> but a reasonable solution to that problem would be to use two cron
> jobs. One, run at 9am, would insert/remove rules using ipfw to allow
> HTTP traffic. The other, run at 1pm, would insert/remove rules using
> ipfw to deny HTTP traffic. You're probably already using cron to do log
> rotation via newsyslog, so leveraging that tool to rotate ipfw traffic
> policies shouldn't be beyond the pale...
>
> Cheers,
>
> Paul.

There was a patch to ipfw posted last year that gave time to rules.
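
The cron approach from the quoted text, as an added example that is not part of the original thread: one script computes the wanted state from the clock, so a run at boot also corrects a reboot that happened inside the window. Rule number 5000, the script path, and a ruleset that otherwise denies inbound HTTP and permits return traffic are assumptions.

```shell
#!/bin/sh
# Added example, not code from the mailing-list thread.
# Assumptions: rule 5000 is unused, the rest of the ruleset denies HTTP
# by default and handles return traffic, window is 09:00-12:59 local time.
RULE_NUM=5000
OPEN_HOUR=9
CLOSE_HOUR=13
IPFW=${IPFW:-ipfw}          # set IPFW=echo for a dry run

# Print "allow" if the hour (00-23, as from `date +%H`) is in the window.
http_policy_for_hour() {
    hour=${1#0}             # strip a leading zero so "09" is not read as octal
    [ -n "$hour" ] || hour=0
    if [ "$hour" -ge "$OPEN_HOUR" ] && [ "$hour" -lt "$CLOSE_HOUR" ]; then
        echo allow
    else
        echo deny
    fi
}

# Bring the ruleset to the wanted state. Deleting first keeps the script
# idempotent: repeated runs never stack duplicate copies of the rule.
apply_policy() {
    $IPFW -q delete "$RULE_NUM" 2>/dev/null || true
    if [ "$1" = allow ]; then
        $IPFW -q add "$RULE_NUM" allow tcp from any to any 80
    fi
}

# root crontab (hypothetical path):
#   0 9,13 * * *  /usr/local/sbin/http-window.sh apply
#   @reboot       /usr/local/sbin/http-window.sh apply
if [ "${1:-}" = apply ]; then
    apply_policy "$(http_policy_for_hour "$(date +%H)")"
fi
```
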