On 6/10/05, Sean Knox <[EMAIL PROTECTED]> wrote:
> Manon Goo wrote:
>
> > is there any way to expire host from <bad_hosts> after some time (3
> > hours) ?
>
> cronjob?

I had started looking into that, extending tables to support entry
aging. It certainly wouldn't be the most complex thing possible to try
inside the table struct, however a far simpler and faster solution
would be a bit of scripting around the output of:

#pfctl -vT show -t blocked_ips
   10.0.0.0/8
        Cleared: Fri Apr 15 11:05:10 2005
        In/Block: [ Packets: 21257 Bytes: 4141120 ]
        In/Pass: [ Packets: 0 Bytes: 0 ]
        Out/Block: [ Packets: 0 Bytes: 0 ]
        Out/Pass: [ Packets: 0 Bytes: 0 ]

Parse the Cleared timestamp and if it's old enough then do the appropriate

#pfctl -vT delete -t blocked_ips 10.0.0.0/8

--
Jon Simola
Systems Administrator
ABC Communications
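
The scripting approach described in the message above, as an added example that is not part of the original post: it parses the Cleared timestamps from verbose table output and builds the matching delete commands for entries older than three hours. The sample output, the second address and the function names are constructed for illustration, and it assumes Cleared reflects when the entry was added (its counters have not been zeroed since).

```python
import ipaddress
from datetime import datetime, timedelta

# Constructed sample in the format of `pfctl -vT show -t blocked_ips` output.
SAMPLE = """\
10.0.0.0/8
        Cleared:     Fri Apr 15 11:05:10 2005
        In/Block:    [ Packets: 21257  Bytes: 4141120 ]
        In/Pass:     [ Packets: 0  Bytes: 0 ]
192.0.2.7
        Cleared:     Fri Apr 15 13:30:00 2005
        In/Block:    [ Packets: 12  Bytes: 720 ]
"""

def parse_cleared(text):
    """Yield (address, cleared_time) for each table entry in the verbose output."""
    addr = None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "Cleared:" and addr is not None:
            try:
                # Joining the fields also normalises ctime's space-padded day ("Apr  5").
                yield addr, datetime.strptime(" ".join(fields[1:]), "%a %b %d %H:%M:%S %Y")
            except ValueError:
                pass  # unreadable timestamp: leave the entry in the table
            addr = None
        elif len(fields) == 1:
            try:
                ipaddress.ip_network(fields[0], strict=False)
                addr = fields[0]
            except ValueError:
                addr = None  # not an address; never pass it on to a command line

def expired(text, now, max_age=timedelta(hours=3)):
    """Addresses whose Cleared time (local time, like `now`) is older than max_age."""
    return [a for a, t in parse_cleared(text) if now - t > max_age]

def delete_commands(addrs, table="blocked_ips"):
    """argv lists in the form used in the message; nothing is executed here."""
    return [["pfctl", "-vT", "delete", "-t", table, a] for a in addrs]

if __name__ == "__main__":
    for argv in delete_commands(expired(SAMPLE, datetime(2005, 4, 15, 15, 0, 0))):
        print(" ".join(argv))
```

Run from cron, the script would read the live `pfctl` output instead of SAMPLE and pass each argv list to `subprocess.run`, which avoids building a shell string from parsed text.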