Date: Fri, 23 Jun 2006 11:09:08 +0200 From: peter@bgnett.no (Peter N. M. Hansteen) To: freebsd-net@freebsd.org Subject: Re: Best way to block a long list of IPs? Message-ID: <87ejxg2q8b.fsf@amidala.datadok.no> In-Reply-To: <7.0.1.0.2.20060620151013.042be3f8@lariat.org> (Brett Glass's message of "Tue, 20 Jun 2006 15:22:46 -0600") References: <7.0.1.0.2.20060620151013.042be3f8@lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Brett Glass <brett@lariat.org> writes: >>there are efficient tables in ipfw as well, which Ruslan implemented >>some time ago -- yet another reason we should be grateful to him > > How would I build a table of arbitrary IP addresses and be able > to update it atomically (i.e. add and delete individual addresses > and not lose all filtering when there was a modification)? This sounds very much like what PF's tables was made for. You can add or remove addresses from the command line (see eg http://www.bgnett.no/~peter/pf/en/tables.html) and there are ways to add and remove individual addresses automatically as well (see eg http://www.bgnett.no/~peter/pf/en/bruteforce.html). -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87ejxg2q8b.fsf>