Date: Sat, 30 Dec 2006 17:35:03 +0100 From: peter@bsdly.net (Peter N. M. Hansteen) To: freebsd-pf@freebsd.org Subject: Re: rate limit with pf instead of IPFW Message-ID: <87vejtuytk.fsf@thingy.datadok.no> In-Reply-To: <499c70c0612290305w11eee312ma02e482b69e77f01@mail.gmail.com> (Abdullah Al-Marrie's message of "Fri, 29 Dec 2006 14:05:36 %2B0300") References: <499c70c0612290305w11eee312ma02e482b69e77f01@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Abdullah Al-Marrie" <almarrie@gmail.com> writes: > I checked http://home.nuug.no/~peter/pf/en/bruteforce.html > > I still didn't find something in the faq covers table <bruteforce> > persist , do I need to create a file like /etc/bruteforce or no need > for that and will be stored in kernel until they expire or I reboot > the box? You can load data into a table from a file (or for that matter dump table contents to a file) if you like. If it's important to keep the table contents across reboots, you probably want to do something like $ sudo pfctl -t foo -T show >/etc/tables/foo or perhaps at regular intervals from cron, and declare your table something like table <foo> persist file /etc/tables/foo > as su I type pfctl -t foo -Tl -f /etc/pf.conf but it returns nothing. If you want to show table contents, a $ sudo pfctl -t foo -T show should be sufficient. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87vejtuytk.fsf>