On Mon, 21 Jan 2008, Jordi Espasa Clofent wrote: > > There is a functionality in pf, that allows you to have an application to > > update a list of hosts, that is used in a rule. You could have a script > > harvest the addresses from your log files, and then update the table in > > pf. I > > have not tried it myself, but was looking at adopting an implementation to > > create a tarpit for spammers based on this idea. > > Yes Tim, I know it. The "problem" is the servers are builded in IPFW as > firewall solution. > I've tried the "limit" IPFW's option... but isn't exactly what I'm > looking for.
No problem; IPFW has tables too, and sets, with which you could enable/disable or swap your script-constructed tables atomically. Might be easier to allow good hosts rather than exclude baddies? cheers, Ian _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
