Well, I think that you mean to add this:

ext_if="rl0" # Or whatever your interface is; ifconfig helps to find out
block drop in quick on $ext_if inet proto tcp from 192.168.0.1 to $ext_if port ssh

or even:
ext_if="rl0"
external_addr="192.168.1.11"
block drop in quick on $ext_if inet proto tcp from 192.168.0.1 to $external_addr port ssh

Think of macros as variables. As long as you don't define them, they don't exist (are empty).
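For the SEC-triggered block/unblock that Agus describes, using the pf table approach Mel suggests in the quoted reply, here is an added shell wrapper (example code, not from anyone in this thread). It assumes the table is called spammers, as in Mel's pf.conf snippet, treats the host's own address 192.168.1.11 from Agus's mail as an address that must never be added, and uses a PFBAN_DRY_RUN variable to print the pfctl command instead of running it. The address comes straight out of a matched log line, so the wrapper validates it before it reaches pfctl, and it refuses to block the protected addresses so an automated action cannot lock the administrator out.

```shell
#!/bin/sh
# pfban.sh (added example, not from the thread): add or remove one IPv4 address
# in a pf table from a log watcher such as SEC, the way Mel suggests.
# Assumed defaults: table "spammers" (from Mel's pf.conf snippet) and the
# host's own address 192.168.1.11 (from Agus's mail) as a protected address.
# Set PFBAN_DRY_RUN=1 to print the pfctl command instead of running it.

PF_TABLE="${PF_TABLE:-spammers}"
PFCTL="${PFCTL:-/sbin/pfctl}"
PF_PROTECTED="${PF_PROTECTED:-127.0.0.1 192.168.1.11}"

# is_ipv4 ADDR: succeed only for a dotted quad with four decimal octets 0-255
# and no leading zeros. Anything else (hostnames, CIDR, shell metacharacters
# lifted from a log line) is rejected so it can never be passed to pfctl.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    rest="$1"; dots=0
    while [ "${rest#*.}" != "$rest" ]; do
        rest="${rest#*.}"
        dots=$((dots + 1))
    done
    [ "$dots" -eq 3 ] || return 1
    old_ifs="$IFS"; IFS=.
    set -- $1
    IFS="$old_ifs"
    for octet in "$1" "$2" "$3" "$4"; do
        case "$octet" in 0|[1-9]*) ;; *) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# is_protected ADDR: succeed when ADDR is in the space-separated PF_PROTECTED list.
is_protected() {
    for p in $PF_PROTECTED; do
        [ "$1" = "$p" ] && return 0
    done
    return 1
}

# pf_table_cmd add|delete ADDR: print the pfctl command line, or print nothing
# and fail when the action or the address is not acceptable.
pf_table_cmd() {
    action="$1"; addr="$2"
    case "$action" in
        add) ;;
        del|delete) action=delete ;;
        *) echo "pf_table_cmd: unknown action '$action'" >&2; return 2 ;;
    esac
    if ! is_ipv4 "$addr"; then
        echo "pf_table_cmd: refusing malformed address '$addr'" >&2; return 1
    fi
    if [ "$action" = add ] && is_protected "$addr"; then
        echo "pf_table_cmd: refusing to block protected address $addr" >&2; return 1
    fi
    printf '%s -t %s -T %s %s\n' "$PFCTL" "$PF_TABLE" "$action" "$addr"
}

# pfban add|delete ADDR: run the command, or only print it in dry-run mode.
pfban() {
    cmd=$(pf_table_cmd "$1" "$2") || return $?
    if [ -n "$PFBAN_DRY_RUN" ]; then
        printf '%s\n' "$cmd"
    else
        $cmd
    fi
}

# Entry point when invoked as a script from a SEC action, for example:
#   pfban.sh add 203.0.113.9     (203.0.113.9 is a documentation address)
case "$0" in
    */pfban.sh|pfban.sh) pfban "$@" ;;
esac
```

The table still has to be declared in pf.conf with persist, as in Mel's snippet, so it survives even while no rule references it; the unblock after a couple of hours is the same call with delete instead of add.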


Agus wrote:
2007/9/15, Mel <[EMAIL PROTECTED]>:
On Saturday 15 September 2007 23:18:17 Agus wrote:

I am trying to figure out how to add a firewall rule with pfctl...
This is what I'm trying to do...

I've got SEC that matches a certain pattern and takes the IP from that, and I
want to trigger a firewall rule to block that IP....
Then after a couple of hours SEC will trigger the command to un-block the IP...
So what I need is the command to block an IP address from the command line,
not touching any pf.conf....
If you don't need to add a rule but an IP, then tables are your friend.
Example for /etc/pf.conf:
# Placeholder for spammers table, non-routable network IP.
table <spammers> persist { 192.168.111.111 }
# Block this traffic
block return-rst in log on $ext_if proto tcp from <spammers> port smtp

Then on the command line:
/sbin/pfctl -t spammers -Tadd ip.from.new.spammer
And to delete:
/sbin/pfctl -t spammers -Tdel ip.from.old.spammer

--
Mel
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"



Hi,
I put this in /etc/pf.conf:
external_addr="192.168.1.11" which is the address of the only interface.
This machine isn't a router.

block drop in quick on $ext_if inet proto tcp from 192.168.0.1 to $external_addr port ssh

but when I try to connect from 192.168.0.1 I connect with no problems... this
rule is to block access.
What am I doing wrong? It's my first time with pf...

Thanks...