Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 15th July 2008
hunteronline hunteronline is offline
Fdisk Soldier
Join Date: Jul 2008
Posts: 52
Default PF <tables>

I use a very basic pf.conf on a web server to drop known problem IPs

# Tables: similar to macros, but more flexible for many addresses.
table <rfc1918> const {,, }
table <garbage> persist file "/etc/pf.garbage.txt"
table <whitelist> persist file "/etc/pf.whitelist.txt"
table <ssh-violations> persist file "/etc/ssh-violations.txt"

block in all
block drop in quick  from <rfc1918> to any
block drop in quick from <garbage> to any
block drop in quick from <ssh-violations> to any
pass  in all
The <garbage> table had thousands of IPs in it before the rule "block drop in quick from <garbage> to any" was commented out while tracking down a problem. Pf.conf was tested and reloaded using:

pfctl -vvv -f /etc/pf.conf ; sleep 90 ; pfctl -vvv -f /etc/pf.conf.open

pfctl -vvv -f /etc/pf.conf

The problem had nothing to do with any IP in the <garbage> table and the rule was rule was re-enabled. Now when I use "pfctl -t garbage -T show" the table is empty.

pfctl -sa -r -vvv | less - loaded rules with line numbers

Is this normal or am I missing something ?

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
pf tables how long values stored ijk FreeBSD Security 3 12th August 2008 11:45 AM

All times are GMT. The time now is 07:45 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick