Hi, I'd like to dump (dup-to operation) all traffic from a subset of hosts belonging to my internal network. This subset of hosts will be stored in a table.
I have another table referring to blacklisted hosts (ie botnets, etc). When a packet goes through the firewall with destination host = an IP of blacklist table, I'd like to trigger an addition to the first table (the one containing internal host to dump traffic). Excepting "overload" rules, I didn't find out how to do it (dynamically adding source host at a matching rule). Do you have some pieces of information ? _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
