On 6 jan 2006, at 19:48, Forrest Aldrich wrote:
Johan Torin wrote:
On Friday 06 January 2006 04:30, Forrest Aldrich wrote:
Coming from FreeBSD's ipfw2, I've been accustomed to having a timestamp (ie: ipfw -t) that allowed me to measure "hits" on a given IP/block/rule. This isn't available with PF (though I think it would be a good idea).
I maintain (as an example) a couple of tables that include spam IPs and other IPs that have been identified as mischievous. I'd like to track hits to each entry so that I can determine if a record is stale, needing to be pruned from the growing list.
What is the best way to accomplish this with PF?
Thanks.
I think ExpireTable [1] is what you are looking for. It's available from (at least) OpenBSD's ports tree.
[1] http://expiretable.fnord.se/
/Johan
Thanks for the reference. Useful utilities there.
I neglected to mention that I'm using FreeBSD-6 -- so I'm not sure
these will compile out-of-the-box.
I think expiretable compiles more or less out of the...uh...tarball. Should even be on its way into the FreeBSD ports-tree as well. See
http://marc.theaimsgroup.com/?m=113666890618724 && http://marc.theaimsgroup.com/?m=113672366014337
Tableutil is already in there somewhere.
// Henrik Gustafsson