On 5/9/07, Volker <[EMAIL PROTECTED]> wrote:
On 12/23/-58 20:59, Abdullah Ibn Hamad Al-Marri wrote:
> Another question, how about the update per month? do I need to kill pf
> and run it again? or a crontab would do the trick and update the IPs?

Abdullah,

unfortunately I'm unable to imagine if it's nice or really, really bad
idea to block certain countries. It sounds like a chinese wall. If the
machine in question is a web server, it might be a hardly bad idea and
would lead into another dimension of separating the world.

Anyway, if you want to replace the in-memory table with a fresh one
from disk, pfctl is your friend. Have a look at pfctl(8), especially
the parameters '-t' and '-T'. Doing a `pfctl -t mychinesewall -T
replace -f /tmp/dolistalltheworld.txt' would be enough.

HTH

Volker


Hello Volker,

It's forum server with Arabic only contents, so only users in these
Arabic countries would be able to connect to it.

There are Arabs and ppl speak and read Arabic in the other countries
but I have to lose them since the forum is getting 24/7 days hits by
Arabic script kiddies who think they are elite and will flood it with
fake http requests which kills the MySQL server right away.

The problem is they have tons of bots run in m$ systems, and I have
only 2 choices.
Shut down the forum, or block other countries IPs, if you were in my
place what would you do?
*sigh*

--
Regards,

-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to