Hello,
I'm thinking of blocking bad IPs using PF tables persisted to a file. I
would like to use a cron job to periodically analyze access logs and
update the PF table. I'd like some advice on how best to set it up:
1. Keep the file in /etc/ (e.g., /etc/pf.badbots), set restrictive
permissions (chmod 0600), and run the script under root's crontab.
2. Keep the file in a dedicated cron job user's directory, allow that
user to modify the file via the cron job, and use it in pf.conf.
I'm inclined to go with #1. Is that okay? Thanks in advance!
--
Sadeep
PGP: 103BF9E3E750BF7E
