On Tue, Feb 16, 2010 at 10:22:04AM +0100, Per-Olov Sjöholm wrote:
> Hi "misc"
>
> I am looking for a tool to use as a trigger for dynamically opening PF ports from
> certain IPs.
>
> I will access non critical info but want at least a port knocker as security.
>
> If I access an IP on my DMZ that is not in use on a port that is fake I want
> to dynamically add a PF rule for a totally different purpose. Let's say I
> access http://1.2.3.4:45321 which is blocked and logged in PF, what is the
> easiest way to create a trigger from the PF log or the PF log device?
>
> A cron job with grep in the PF log and then run pfctl to add the rule is from
> many points of view a bad choice... I don't want to dig through the PF log as
> it can be huge, and I don't want to use a cron job as it takes too long..
>
> Any suggestions appreciated.
>

Seriously, though: Why are you so interested in reimplementing authpf, but doing it badly?

> Thanks in advance
> /Per-Olov