On Sun, Apr 15, 2007 at 08:02:55PM -0400, Bill Moran wrote:
>
> There was some discussion on this list not too long ago, and someone
> asked if I was willing to make my pf config and the associated scripts
> I wrote for it public.  I would have posted on the original thread,
> but I can't find it now.
>
> Here is the information:
> http://www.potentialtech.com/cms/node/16
>
> --
> Bill Moran
> http://www.potentialtech.com

Hi Bill,

I hope you don't mind some suggestions!

Your table names (and anything else enclosed in less-than/greater-than
symbols) got lost, so using the appropriate escape characters in HTML
would be useful.

Also, pf tables can be loaded from files containing a list of IP
addresses or hostnames, one per line.  My table line is as follows:

table <sshbf> file "/etc/bruteforce_ssh"

I periodically save blocked hosts to this file using a script to
format and maintain uniqueness.  In this way, my blocks persist across
reboots.  I'm just as draconian as you are in my blocking policy!

Erik

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to