On Wednesday 21 September 2011 14:06:08 Mauricio López wrote: > I'm thinking about making an script using awk and pftop output to watch > for states that have more than 1Mb of traffic (regular DNS queries > aren't that big) and put those hosts in a table for blocking. My > question is if it is there some other more efficient solution for this > problem. > > Thanks in advance
Hi Mauricio, I dont know if this will help you, but this is a script I made years ago that I use on my machines. I call the script using cron once a day and let IPFW do the filtering for me HTH Peg #!/bin/sh #automatically fetch the spamhaus zone ban list cd /root /usr/bin/fetch http://www.spamhaus.org/drop/drop.lasso #Let drop all of set 11 from the firewall /sbin/ipfw delete set 11 #Starting Rule Number Counter=1000 #lets parse the file and cut out the piece we want for i in `cut -d " " -f 1 drop.lasso | grep -v ";"` do echo "Adding rule for: $i " Counter=`expr $Counter + 1` ##Lets add the rule into set 11 /sbin/ipfw add $Counter set 11 deny ip from $i to any Counter=`expr $Counter + 1` /sbin/ipfw add $Counter set 11 deny ip from any to $i done _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"