On Nov 23, 2012, at 3:46 PM, David Demelier <demelier.da...@gmail.com> wrote:
> Hello,
>
> I would like to disable the network traffic for specific IPs. For the
> moment I just add to my pf.conf a rule that blocks everything for a
> specified table, like this:
>
> table <closed>
>
> [...] other rules [...]
>
> block from <closed>
>
> Then I just need to add my IP using pfctl. It works, no packet can be
> sent / received to the machine; however, if that machine had some active
> connections, these won't be closed and they can still use them (an SSH
> client, game, ...)
>
> How can I disable everything then?
>
> Cheers
>
> --
> Demelier David

First, you might want to use

  block in quick on $externalif inet from <closed>

to have:

- a quick rule, which stops ruleset evaluation immediately
- a more specific rule, which applies only to your WAN interface's inbound traffic

Be careful with the quick keyword: it's going to match packets immediately and entirely block these IPs.

Then, if you want to kill the active connections from people in the <closed> table, you might want to "script" a bit, like:

  for i in `pfctl -t closed -T show`
  do
      pfctl -k "$i"                # kill states originating from $i
      pfctl -k 0.0.0.0/0 -k "$i"   # kill states destined to $i
  done

Would that do the trick for you?
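As an added example that is not from either poster in this thread, the script below packages the two steps discussed above (add a host to the <closed> table, then kill the states it already holds, in both directions) into reusable shell functions. It assumes FreeBSD pfctl(8) semantics: `-k host` kills states originating from that host, a second `-k` names the destination, and `0.0.0.0/0` (or `::/0` for IPv6) matches any address. The interface name, the table name `closed` and the `DRY_RUN` variable are assumptions for the example; the pf.conf fragment in the comment is constructed to match the rule suggested in the reply, with an outbound rule added so the table blocks both directions.

```shell
#!/bin/sh
# Added example: block hosts listed in a pf table and tear down their states.
#
# Constructed pf.conf fragment this script pairs with (interface name assumed):
#   ext_if = "em0"
#   table <closed> persist
#   block in  quick on $ext_if from <closed>
#   block out quick on $ext_if to   <closed>

# DRY_RUN=1 prints the pfctl commands instead of executing them, so the
# effect can be reviewed before touching a live firewall.
DRY_RUN="${DRY_RUN:-0}"

run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Kill every state in which any of the given hosts is source or destination.
# pfctl -k with a single host only matches states originating from it, so a
# second command with an "any" source is needed for states destined to it.
kill_states_for_hosts() {
    for host in "$@"; do
        case "$host" in
            *:*) any="::/0" ;;        # IPv6 address: 0.0.0.0/0 would not match
            *)   any="0.0.0.0/0" ;;
        esac
        run pfctl -k "$host"          # states originating from host
        run pfctl -k "$any" -k "$host" # states destined to host
    done
}

# Add a host to the <closed> table, then kill its existing states.
close_host() {
    run pfctl -t closed -T add "$1"
    kill_states_for_hosts "$1"
}

# Kill states for every current member of the table (the loop from the
# reply, with both directions covered).  Table name defaults to "closed".
kill_states_for_table() {
    # shellcheck disable=SC2046
    kill_states_for_hosts $(pfctl -t "${1:-closed}" -T show)
}
```

Run `DRY_RUN=1 close_host 192.0.2.9` first to see the three pfctl invocations it would issue; drop `DRY_RUN` to apply them. Because pfctl only kills states that match the given address pair, a host with both IPv4 and IPv6 entries in the table needs both entries listed, which `kill_states_for_table` handles by reading the table itself.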