Peter Maxwell wrote:
> 2009/12/22 Gaurav Ghimire :
>
>
>> thinking if I could be informed via an email alert that a new IP has
>> been added to the table abusive_ips. It seems this would have been
>> possible if there was a possibility that I could trigger an external
>> script on the rule 3rd
2009/12/22 Gaurav Ghimire :
> thinking if I could be informed via an email alert that a new IP has
> been added to the table abusive_ips. It seems this would have been
> possible if there was a possibility that I could trigger an external
> script on the rule 3rd rule I have. And the external sc
Kevin wrote:
>> For tracking source IPs and adding them to a table, you can already do
>> this, c.f. max-src-conn and overload in the pf.conf man page.
>>
>>
>> If you use the overload keyword to dump the bad IPs into a table then
>> as a quick and dirty solution for scripting you can the run a scr
> For tracking source IPs and adding them to a table, you can already do
> this, c.f. max-src-conn and overload in the pf.conf man page.
>
>
> If you use the overload keyword to dump the bad IPs into a table then
> as a quick and dirty solution for scripting you can the run a script
> from cron e
2009/12/21 Gaurav Ghimire :
> Hi all,
>
> Are there any possibilities that I could run a script (bash, perl) when
> any rule is matched.
>
> For example, I have some distinct rule and want to get an alert email
> each time any connection threshold is crossed on it from a singe IP. Say
> I want one
2009/12/21 Tom Uffner :
> Gaurav Ghimire wrote:
>>
>> Are there any possibilities that I could run a script (bash, perl) when
>> any rule is matched.
>
> make sure the rule you want to trigger your script includes "log".
>
> have your script tail pflog, and watch for your trigger rule before
> perf
Gaurav Ghimire wrote:
Are there any possibilities that I could run a script (bash, perl) when
any rule is matched.
make sure the rule you want to trigger your script includes "log".
have your script tail pflog, and watch for your trigger rule before
performing its action.
_
Hi all,
Are there any possibilities that I could run a script (bash, perl) when
any rule is matched.
For example, I have some distinct rule and want to get an alert email
each time any connection threshold is crossed on it from a singe IP. Say
I want one IP only have 1 http connection to a web se
