Date: Sat, 15 Sep 2007 23:36:27 +0200
From: Mel <fbsd.questions@rachie.is-a-geek.net>
To: freebsd-questions@freebsd.org
Subject: Re: How to add rule with pfctl...
Message-ID: <200709152336.27214.fbsd.questions@rachie.is-a-geek.net>
In-Reply-To: <fda61bb50709151418r61b0e0b4rd889b517b954fae9@mail.gmail.com>
References: <fda61bb50709151418r61b0e0b4rd889b517b954fae9@mail.gmail.com>
On Saturday 15 September 2007 23:18:17 Agus wrote:
> I am trying to figure out how to add a firewall rule with pfctl...
> This is what I'm trying to do...
>
> I've got SEC that matches a certain pattern and takes the IP from that and
> want to trigger a firewall rule to block that IP....
> Then after a couple of hours SEC will trigger the command to un-block the
> IP...
> So what I need is the command to block an IP address from the command line, not
> touching any pf.conf....

If you don't need to add a rule but an IP, then tables are your friend.
Example for /etc/pf.conf:

    # Placeholder for spammers table, non-routable network IP.
    # "persist" keeps the table around even when no rule references it.
    table <spammers> persist { 192.168.111.111 }

    # Block this traffic: TCP from any address in the table to our SMTP port.
    # ($ext_if is assumed to be defined as a macro earlier in pf.conf.)
    block return-rst in log on $ext_if proto tcp from <spammers> to any port smtp

Then on the command line:

    /sbin/pfctl -t spammers -Tadd ip.from.new.spammer

And to delete:

    /sbin/pfctl -t spammers -Tdel ip.from.old.spammer

-- 
Mel
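Added example, not code from Mel's reply nor from pf or SEC: a small POSIX sh wrapper around the two pfctl invocations above, of the kind a log correlator such as SEC would call with the address it extracted. It assumes the table is named spammers and declared persist in /etc/pf.conf as shown, that pfctl lives at /sbin/pfctl, and that both can be overridden through the environment variables PFCTL and TABLE (names chosen here, not pf's). The address is checked to be an IPv4 dotted quad before it is handed to pfctl, so a malformed or oversized match from the log parser cannot become an unexpected argument; pf_table_cmd only prints the command line it would run, which makes the wrapper testable without pf, and pf_table_run actually executes it. The address 203.0.113.5 used in the usage comment is a constructed documentation-range value.

```sh
#!/bin/sh
# Added example, not part of the original thread.
# Block or unblock one IPv4 address through a pf table, for use from SEC.
# Assumes /etc/pf.conf declares:  table <spammers> persist
# PFCTL and TABLE are assumed names; set PFCTL=echo for a dry run.

PFCTL="${PFCTL:-/sbin/pfctl}"
TABLE="${TABLE:-spammers}"

# is_ipv4 ADDR: succeed only for a dotted quad whose four octets are 0-255.
is_ipv4() {
    addr=$1
    case "$addr" in
        '' | *[!0-9.]* | .* | *. | *..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# pf_table_cmd ACTION ADDR: validate ACTION (add|del) and ADDR, then print the
# pfctl command line that would run. Returns 2 on a bad action, 1 on a bad address.
pf_table_cmd() {
    action=$1
    addr=$2
    case "$action" in
        add | del) ;;
        *) echo "pf_table_cmd: unknown action '$action'" >&2; return 2 ;;
    esac
    if ! is_ipv4 "$addr"; then
        echo "pf_table_cmd: refusing non-IPv4 address '$addr'" >&2
        return 1
    fi
    printf '%s -t %s -T%s %s\n' "$PFCTL" "$TABLE" "$action" "$addr"
}

# pf_table_run ACTION ADDR: same validation, then really invoke pfctl.
pf_table_run() {
    pf_table_cmd "$1" "$2" >/dev/null || return $?
    "$PFCTL" -t "$TABLE" "-T$1" "$2"
}

# Entry point when run as a script, e.g. from SEC:
#   pfblock.sh add 203.0.113.5      (constructed example address)
#   pfblock.sh del 203.0.113.5
#   pfblock.sh show                 (list current table contents)
# Only dispatches when arguments are given, so the file can also be sourced.
if [ $# -gt 0 ]; then
    case "$1" in
        show) "$PFCTL" -t "$TABLE" -Tshow ;;
        add | del) pf_table_run "$1" "$2" ;;
        *) echo "usage: $0 add|del ADDR | show" >&2; exit 64 ;;
    esac
fi
```

Because pfctl -T add/del only touches table contents, the ruleset in pf.conf never needs reloading, and a bad address is rejected by the wrapper before any privilege is exercised; pfctl itself still has to run as root, so the script is the one thing SEC should be allowed to call rather than an arbitrary pfctl.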