Date: Wed, 09 Mar 2011 11:10:15 +0100 From: "quentin.narvor" <quentin.narvor@ensi-bourges.fr> To: <freebsd-pf@freebsd.org> Subject: Dynamically adding entry in a table Message-ID: <6304e85de3fbe21c56ac6a3fbed4ee24@ensi-bourges.fr>
next in thread | raw e-mail | index | archive | help
Hi, I'd like to dump (dup-to operation) all traffic from a subset of hosts belonging to my internal network. This subset of hosts will be stored in a table. I have another table referring to blacklisted hosts (ie botnets, etc). When a packet goes through the firewall with destination host = an IP of blacklist table, I'd like to trigger an addition to the first table (the one containing internal host to dump traffic). Excepting "overload" rules, I didn't find out how to do it (dynamically adding source host at a matching rule). Do you have some pieces of information ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6304e85de3fbe21c56ac6a3fbed4ee24>