From: "Abdullah Ibn Hamad Al-Marri"
To: Volker
Cc: freebsd-pf@freebsd.org
Date: Wed, 9 May 2007 18:23:34 +0300
Subject: Re: Re: PF and GeoIP to update country table?
Message-ID: <499c70c0705090823n49cc1897u24a8ccbb7e57b429@mail.gmail.com>
In-Reply-To: <4641BC51.7080804@vwsoft.com>

On 5/9/07, Volker wrote:
> On 12/23/-58 20:59, Abdullah Ibn Hamad Al-Marri wrote:
> > Another question, how about the update per month? Do I need to kill pf
> > and run it again? Or would a crontab do the trick and update the IPs?
>
> Abdullah,
>
> unfortunately I'm unable to imagine if it's a nice or a really, really bad
> idea to block certain countries. It sounds like a Chinese wall. If the
> machine in question is a web server, it might be a hardly bad idea and
> would lead into another dimension of separating the world.
>
> Anyway, if you want to replace the in-memory table with a fresh one
> from disk, pfctl is your friend. Have a look at pfctl(8), especially
> the parameters '-t' and '-T'. Doing a
> `pfctl -t mychinesewall -T replace -f /tmp/dolistalltheworld.txt'
> would be enough.
>
> HTH
>
> Volker
>

Hello Volker,

It's a forum server with Arabic-only content, so only users in these
Arabic countries would be able to connect to it.

There are Arabs and people who speak and read Arabic in other
countries, but I have to lose them since the forum is getting 24/7
hits by Arabic script kiddies who think they are elite and will flood
it with fake HTTP requests, which kills the MySQL server right away.

The problem is they have tons of bots running on m$ systems, and I have
only 2 choices: shut down the forum, or block other countries' IPs. If
you were in my place, what would you do?

*sigh*

--
Regards,

-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
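
Added example (not part of the original message, nor FreeBSD's own code): a cron-friendly refresh that checks the regenerated list before running the `pfctl -T replace` command quoted above, so a truncated or empty download cannot silently change who can reach the server. The table name and path come from that command; `MIN_ENTRIES`, the function names and the IPv4-only check are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: validate a regenerated address list, then swap it into a pf table.
# TABLE and LIST default to the names in the quoted pfctl command.
# MIN_ENTRIES and the IPv4-only rule are assumptions; pf tables also accept
# IPv6 addresses and hostnames, which this stricter check rejects.
TABLE="${TABLE:-mychinesewall}"
LIST="${LIST:-/tmp/dolistalltheworld.txt}"
MIN_ENTRIES="${MIN_ENTRIES:-1}"
PFCTL="${PFCTL:-pfctl}"

# validate_list FILE MIN
# Returns 0 only if every non-comment line is an IPv4 address or CIDR block
# and the file holds at least MIN such entries.
validate_list() {
    awk -F'[./]' -v min="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ { bad = 1; exit }
        {
            for (i = 1; i <= 4; i++)
                if ($i > 255) { bad = 1; exit }    # octet out of range
            if (NF == 5 && $5 > 32) { bad = 1; exit }  # prefix length out of range
            n++
        }
        END { exit (bad || n < min) ? 1 : 0 }' "$1"
}

# refresh_table
# Replaces the in-memory table contents only when the list passes validation.
# pf keeps running; the old table contents stay in place on failure.
refresh_table() {
    if ! validate_list "$LIST" "$MIN_ENTRIES"; then
        echo "refusing to load $LIST into <$TABLE>: validation failed" >&2
        return 1
    fi
    "$PFCTL" -t "$TABLE" -T replace -f "$LIST"
}

# Run from cron as: /path/to/this-script run
if [ "${1:-}" = "run" ]; then
    refresh_table
fi
```

Setting MIN_ENTRIES close to the size of the last known-good list makes a partial download fail the check instead of shrinking the table.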