Christian Schulte wrote: > The only option I see is grepping the log file for those > status codes (404, 406, 429, some location, etc.) and use the IP > information for creating pf rules. Having httpd in base do something > like this automatically like e.g. spamd would be a cool feature to have. > Something like: Make httpd detect IPs sending too many requests and make > it manage some pf table to block that IP for some time automatically > similar to spamd.
I would argue this would be a perfect job for relayd, not httpd. httpd lacks kitchen-sink features by design, let relayd do the heavy lifting for which it's better equipped. Regards Lloyd
