Date:      Thu, 10 Jul 2008 15:52:31 +0200
From:      Leslie Jensen <leslie@eskk.nu>
To:        "Nobody A. Unknown" <hideous@mail.ru>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: New pf install on Freebsd7 seem to be a slow starter.
Message-ID:  <4876141F.6060202@eskk.nu>
In-Reply-To: <101002322.20080710160132@mail.ru>
References:  <48750381.1030004@eskk.nu> <20080709225423.GB1011@verio.net> <4875D33C.2010506@eskk.nu> <3910389261.20080710125542@mail.ru> <4875FD52.1090201@eskk.nu> <4875FF7D.8050304@eskk.nu> <101002322.20080710160132@mail.ru>


>>>> in your pf.conf and
>>>>
>>>> pfctl -t goodguys -T add \
>>>>  something.somewhere.com \
>>>>  somethingelse.somewhere.com \
>>>>   xxx.yyy.zzz.qqq &
>>>>
>>>> into your /etc/rc.local, so pf will start up without delays.
>>>>
>>> I forgot to mention that I'm on a FreeBSD 7 system so the rc.local thing 
>>> must go somewhere else, do you know where?
>>>
> LJ> If I've understood this right this will only be right at the time the
> LJ> machine starts. How do I get to know if the hosts change their
> LJ> addresses. Should I invoke a cron job that does the same as you suggested?
> LJ> Thanks
> 
> Yes. Also you would have to clear the table before loading new IP
> addresses into it. Querying authoritative server with, for example
> `nslookup`, instead of relying on local resolver would make this thing
> more robust.
> 
> Regards,
>   Dennis.

Thank you Dennis.

I've started on a script to run as root from cron.

I need a little help to invoke the nslookup function and make it go into 
the goodguys table.

The flushing part I've got ;-)
But then what do I do?
----------------------------
#!/bin/sh
pfctl -F Tables

----------------------------

Thanks
/Leslie
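
An added example, not part of the original message and not written by anyone in the thread: one way to do from cron what the quoted advice describes, resolving every host first and loading the table only if all lookups succeeded, so a DNS failure never leaves `goodguys` empty. It assumes IPv4 only, `host` as the resolver, placeholder host names, and it uses `pfctl -T replace` in place of a separate flush and add.

```shell
#!/bin/sh
# Added example: refresh a pf table from DNS, meant to be run from root's crontab.
# Assumptions: table "goodguys" (from the thread), placeholder host names,
# host(1) as the resolver, IPv4 (A records) only.
TABLE="goodguys"
HOSTS="something.example.com somethingelse.example.com"   # placeholders
NS=""                        # optional: authoritative name server to query directly
PFCTL="${PFCTL:-pfctl}"
RESOLVE="${RESOLVE:-host}"

# Read host(1) output on stdin and print only well-formed IPv4 addresses.
extract_addrs() {
    awk '/ has address / {
        n = split($NF, o, ".")
        ok = (n == 4)
        for (i = 1; i <= n; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] > 255) ok = 0
        if (ok) print $NF
    }' | sort -u
}

# Resolve every host; fail as soon as one host yields no usable address.
resolve_all() {
    for h in $HOSTS; do
        out=$($RESOLVE -t A "$h" $NS 2>/dev/null | extract_addrs)
        [ -n "$out" ] || { echo "no address for $h" >&2; return 1; }
        echo "$out"
    done
}

# Swap the table contents in one pfctl call, and only after every lookup worked.
# On failure the table keeps its previous addresses.
refresh_table() {
    addrs=$(resolve_all) || return 1
    $PFCTL -t "$TABLE" -T replace $addrs
}

# Does nothing unless called as "script run", e.g. from cron.
if [ "${1:-}" = "run" ]; then
    refresh_table
fi
```
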


