On Fri, 2005-06-10 at 08:44 +0200, Manon Goo wrote: > Hello, > > I am redirecting all kinds of unwanted trafffic to localhost:7 and loading > the offending hosts into a table. > > pass in log quick inet proto tcp from ! <protected_nets> to 127.0.0.1 port > = echo flags S/SA keep state (no-sync, source-track rule, max-src-conn 1, > overload <bad_hosts> flush global) > > is there any way to expire host from <bad_hosts> after some time (3 hours) ?
you need to do it yourself. short script run from cron and a flat file with the addresses and the time they were added is all that's needed. Russell
