Hi Cris, Gary, Thank you!
Will this generate 100 separate rules or just one rule? If only one rule, how the number of IP addresses in the range influences the performance of pf? > sh -c 'for ip in `jot 100 1 100`; do echo 10.0.0.$ip >> > /etc/pf/blocked_hosts.table; done' is it a typo? I got the error: "sh: jot: cannot execute - No such file or directory" Thanks, Aleksej. -----Ursprüngliche Nachricht----- Von: Cristiano Deana [mailto:[email protected]] Gesendet: Montag, 27. Oktober 2014 17:31 An: Gary Palmer Cc: Spenst, Aleksej; [email protected] Betreff: Re: How to block IP range On Mon, Oct 27, 2014 at 5:24 PM, Gary Palmer <[email protected]> wrote: Hi >> For example, I need to block only 100 IPs in the range: >> 10.0.0.1-10.0.0.100 > tables? > > you can do things like > > table <blocked_hosts> persist file "/etc/pf/blocked_hosts.table" > block in quick log on $ext_if_ipv4 from <blocked_hosts> to any I'm adding the fast way to build the file: sh -c 'for ip in `jot 100 1 100`; do echo 10.0.0.$ip >> /etc/pf/blocked_hosts.table; done' -- Cris, member of G.U.F.I Italian FreeBSD User Group http://www.gufi.org/ _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
