> -----Original Message----- > From: Jason Pyeron > Sent: Saturday, March 30, 2013 8:36 > > > -----Original Message----- > > From: Chris Buechler > > Sent: Saturday, March 30, 2013 0:48 > > > > On Fri, Mar 29, 2013 at 3:39 PM, Jason Pyeron <[email protected]> > > wrote: > > > > > > That would be verry disruptive, it says: "Resetting the > > state tables > > > will remove all entries from the corresponding tables. This > > means that > > > all open connections will be broken and will have to be > > > re-established." We have thousands of active connections > > for services that should not be interrupted. > > > > > > > I definitely wouldn't flush the entire state table. You can > just kill > > off states to/from the IP in question.
Exactly, that is how I did it. filter_configure vs filter_configure_sync gave me a bit of trouble! > > > > > > > Sorry, I should have been more clear. I am looking for a > > way to, in a > > > single execution, reproduce the steps below. > > > > > > Ex: ssh root@firewall > '/usr/local/bin/add_ip_to_block_list DOS_DDOS > > > x.y.z.q' or /usr/local/bin/add_ip_to_alias.sh DOS_DDOS 199.217.117.54 "hacking pbx" > > > > > > https://firewall/add_ip_to_block_list.php?alias=DOS_DDOS&address=x.y.z > > > .q > > > I did not do the web script yet, because I am not sure how to properly add the security bit, and I think it should go in a sub directory too. > > > I think, after reading > > > http://www.linuxnet.ch/pfsense-important-cli-commands/, I > > am going to have to do this by making a custom php script. > > > > > > > This is probably your best bet today, it wouldn't take a lot to put > > that together to meet your requirement. We'll hopefully > have an API at > > some point in the future, but none exists today. Where should this be discussed? > > Are there any roadmaps towards an API? And are there patch > submission guidelines? I am pushing it to our git repo right now. https://github.com/pdinc-oss/pfsense/tree/pdinc-api-ids-alias-update > > I would like to minimize waste on this. > -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
