On Saturday 15 September 2007 23:18:17 Agus wrote:

> I am trying to figure out how to add a firewall rule with pfctl...
> This is what I'm trying to do...
> I've got SEC that matches a certain pattern and takes the IP from that, and
> want to trigger a firewall rule to block that IP....
> Then after a couple of hours SEC will trigger the command to un-block the
> IP...
> So what I need is the command to block an IP address from the command line, not
> touching any pf.conf....

If you don't need to add a rule, only an IP, then tables are your friend.
Example for /etc/pf.conf:
ext_if = "em0"  # assumed: set this to your external interface
# Spammers table. It starts empty; "persist" keeps the table defined even when
# it has no entries, so addresses can be added and removed from the command line.
table <spammers> persist { }
# Block (and log) SMTP connections from any address in the table. "port smtp"
# goes on the destination side: the sender's source port is ephemeral. The RST
# makes the sender's connection fail immediately instead of timing out.
block return-rst in log on $ext_if proto tcp from <spammers> to any port smtp

Then on the command line:
/sbin/pfctl -t spammers -Tadd ip.from.new.spammer
And to delete:
/sbin/pfctl -t spammers -Tdel ip.from.old.spammer

freebsd-questions@freebsd.org mailing list
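
As an added example (not code from the original thread, nor from the pf or SEC projects), here is a small wrapper that SEC's shellcmd action could call to add or remove an address in the <spammers> table, plus a time-based expiry so the "un-block after a couple of hours" step does not need one scheduled job per address. The script path /usr/local/sbin/pfblock, the table name spammers, the interface and the pfctl path are assumptions; the only real commands used are pfctl -t TABLE -T add|delete|expire. The validation step matters because SEC hands the script whatever its regex captured, and that text must never reach the shell or pfctl unchecked.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the <spammers> table from
# the pf.conf snippet above and FreeBSD's /sbin/pfctl; both can be overridden
# through the environment.
PFCTL="${PFCTL:-/sbin/pfctl}"
TABLE="${TABLE:-spammers}"

# Accept only a dotted-quad IPv4 address with four octets in 0..255. The body
# runs in a subshell so the IFS change and "set --" stay local to the check.
valid_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, non-digit, or stray dots
    esac
    IFS=.
    set -- $1                                   # split into octets
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
)

block_ip() {
    valid_ipv4 "$1" || { echo "block_ip: refusing '$1'" >&2; return 2; }
    "$PFCTL" -t "$TABLE" -T add "$1"
}

unblock_ip() {
    valid_ipv4 "$1" || { echo "unblock_ip: refusing '$1'" >&2; return 2; }
    "$PFCTL" -t "$TABLE" -T delete "$1"
}

# Drop every entry older than $1 seconds (pfctl -T expire counts from the time
# the address was added). Run this from cron or a SEC Calendar rule.
expire_old() {
    case "$1" in
        ''|*[!0-9]*) echo "expire_old: bad age '$1'" >&2; return 2 ;;
    esac
    "$PFCTL" -t "$TABLE" -T expire "$1"
}

# Command-line dispatch, e.g. from a SEC rule:
#   action=shellcmd /usr/local/sbin/pfblock block $1
case "${1:-}" in
    block)   block_ip "$2" ;;
    unblock) unblock_ip "$2" ;;
    expire)  expire_old "${2:-7200}" ;;     # default age: two hours
    '')      ;;                             # no arguments: only define the functions
    *)       echo "usage: $0 block ADDR | unblock ADDR | expire [SECONDS]" >&2; exit 64 ;;
esac
```

Inspect the live table with pfctl -t spammers -T show. The table survives across pfctl -f reloads because of the persist keyword, but it does not survive a reboot; if that matters, dump it with -T show and restore it at boot. Check pfctl(8) on your release for -T expire before relying on it.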