On OpenBSD, I use spamd-setup which does exactly that with the
whitelist/blacklist tables.

good point. spamd-setup is, of course, available on FreeBSD as well.

in my specific case, <ip-black> is already populated in / use by pf
elsewhere, so populating spamd's table with it too seemed wasteful.

hence, i was flopping around trying to get-it-done 'just' in pf, not spamd.

anyway, reading, the 'no rdr' seems like the solution. again, thanks!

one add'l question ...

iiuc, i could either

(1)

  no rdr from <ip-black> to any
  ... other rdr stuff ...
  block quick <ip-black>
  block all

(2)

  no rdr pass from <ip-black> to any
  ... other rdr stuff ...
  block all


where (2) seems more efficient.  IF i understand correctly ...

comments on the two above?

One could probably hack up a cron-able sed/awk/perl thingy to read
from 2 tables, mash up the contents however you wish, and fill a 3rd table with 
the result.

yup.  i do that for 'assembling' country-blocks from a list of
countries.  best, though, that i actually understand what i'm doing IN
pf first, though ;-)

cheers!
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
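
The cron-able "read two tables, fill a third" idea mentioned in the thread, sketched as an added example that is not code from either poster: it reads tables with `pfctl -T show` and loads the result with `pfctl -T replace`. The table names `ip-white` and `ip-merged` are hypothetical; only `<ip-black>` appears in the thread.

```shell
#!/bin/sh
# Added example: derive one pf table from two others.
# <ip-white> and <ip-merged> are hypothetical table names.
LC_ALL=C; export LC_ALL   # sort and comm must agree on ordering

# Strip comments, whitespace and blank lines; sort and de-duplicate.
normalize() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' | sort -u
}

# combine MODE FILE_A FILE_B  -> result on stdout
#   union: in A or B   minus: in A, not in B   both: in A and B
# Entries are compared as strings: 192.0.2.1 and 192.0.2.1/32 differ,
# and a host inside a listed CIDR block is not recognised as covered.
combine() {
    a=$(mktemp) || return 1
    b=$(mktemp) || { rm -f "$a"; return 1; }
    normalize < "$2" > "$a"
    normalize < "$3" > "$b"
    case $1 in
        union) sort -u "$a" "$b" ;;
        minus) comm -23 "$a" "$b" ;;
        both)  comm -12 "$a" "$b" ;;
        *)     echo "unknown mode: $1" >&2; rm -f "$a" "$b"; return 2 ;;
    esac
    rc=$?
    rm -f "$a" "$b"
    return $rc
}

# sync_table MODE TABLE_A TABLE_B TABLE_OUT  (needs root and pfctl)
sync_table() {
    ta=$(mktemp) && tb=$(mktemp) && out=$(mktemp) || return 1
    pfctl -t "$2" -T show > "$ta" &&
        pfctl -t "$3" -T show > "$tb" &&
        combine "$1" "$ta" "$tb" > "$out" &&
        pfctl -t "$4" -T replace -f "$out"
    rc=$?
    rm -f "$ta" "$tb" "$out"
    return $rc
}

# From cron, e.g.: merge.sh minus ip-black ip-white ip-merged
if [ "$#" -eq 4 ]; then
    sync_table "$@"
fi
```

The target table must already be declared in pf.conf and referenced by the rules that should use it; the script only replaces its contents.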