*Hi,* *I just implemented a feature which can work nicely with your sshlockout. * *You can manually insert a state as below and the state will be maintain by ipfw itself.*
*ipfw state add rulenum 100 udp 192.168.1.1:0 <http://192.168.1.1:0> 8.8.8.8:53 <http://8.8.8.8:53> expiry +600* *so you dont need to implement the logic to maintain the IP addresses or configure any crontab to remove..* *different state can have different expiry or "life time".* *any comment?* *Regards,* *Bill Yuan* On 14 January 2015 at 02:25, Michael Neumann < [email protected]> wrote: > > commit ed17c1722f7702eb6422f73152c0091819a1900f > Author: Michael Neumann <[email protected]> > Date: Tue Jan 13 13:04:29 2015 +0100 > > sshlockout - use a PF table instead of IPFW > > Summary of changes: > usr.sbin/sshlockout/sshlockout.8 | 27 +++++++++++------- > usr.sbin/sshlockout/sshlockout.c | 59 > +++++++++++++++++++++++++++------------- > 2 files changed, 57 insertions(+), 29 deletions(-) > > > http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ed17c1722f7702eb6422f73152c0091819a1900f > > > -- > DragonFly BSD source repository >
