pf flush persist file
Have a file which stores brute force IP addresses in .
table <brute> persist file "/pathto/brutelist"
The persist file, that is brutelist, has grown in size. I would like to periodically flush all entries using a cron job. How do I do it? The commands below do not work.
Code:
pfctl -t brute -T flush
pfctl -t /pathto/brutelist -T flush
pfctl -t bruteforce -T expire 86400
How do I periodically flush the persist file? Thanks.
__________________
Freebsd 7 64 bit apache2.2 php5 mysql5
You can use the expiretable port (/usr/ports/security/expiretable) to flush the table of entries older than a certain time:
Code:
# Every 5 minutes, clean out the bruteforce pf table of entries older than 1 hour
*/5 * * * * root /usr/local/sbin/expiretable -t 3600 ssh-bruteforce
persist file
Thank you for the reply.
Yes, that would flush the entries in the table specified, but the entries in the actual persist file remain.
Do I just run a Unix command to delete?
Code:
*/5 * * * * root rm "/pathto/brutelist"
__________________
Freebsd 7 64 bit apache2.2 php5 mysql5
two lists
Thank you for the help.
Thinking aloud here. In my pf.conf I have
Code:
table <brute> persist file "/patho/brutelist"
Code:
/sbin/pfctl -t brute -T show >> /pathto/brutelist
the command below
Code:
/sbin/pfctl -t brute -T replace -f /path/to/brutelist
I want the IP addresses in the table memory effective. As these will be of the most recent attacks. All I want to do is flush all data in the persist file and remove it from the table memory as well. But leave the recent table memory untouched. Is this possible? Also, do I really need a persist file? As, say, I could just run
Code:
pfctl -t brute -T expire 86400
__________________
Freebsd 7 64 bit apache2.2 php5 mysql5
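
Added example, not part of the thread: a script for cron that ages out old entries with `pfctl -T expire` and then overwrites the persist file from the live table instead of appending to it, so the file cannot keep growing. It assumes a pfctl that supports `-T expire`; the `refresh_persist` function and the `PFCTL` override are names made up for this example, and the table name and path are the thread's placeholders.

```shell
#!/bin/sh
# Added example: keep a pf table and its persist file in step from cron.
# Assumptions: PFCTL is a hypothetical override so the logic can be tested
# without touching pf; the table and file names are passed as arguments.
PFCTL="${PFCTL:-/sbin/pfctl}"

# refresh_persist TABLE FILE MAX_AGE_SECONDS
#   1. delete table entries older than MAX_AGE_SECONDS
#   2. overwrite FILE with what is still in the table (never append)
refresh_persist() {
    table=$1 file=$2 max_age=$3

    # Reject a non-numeric age before it reaches pfctl.
    case $max_age in
        ''|*[!0-9]*) echo "bad max age: $max_age" >&2; return 2 ;;
    esac

    "$PFCTL" -t "$table" -T expire "$max_age" >/dev/null 2>&1 || return 1

    # Capture the listing first: if pfctl fails, keep the old file rather
    # than replacing it with an empty one.
    entries=$("$PFCTL" -t "$table" -T show 2>/dev/null) || return 1

    # Write a temp file next to the target and rename it into place, so a
    # ruleset reload in the middle of the run never reads a partial list.
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    if printf '%s\n' "$entries" |
        sed -e 's/^[[:space:]]*//' -e '/^$/d' > "$tmp"; then
        mv -f "$tmp" "$file"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Cron: */5 * * * * root /path/to/this-script brute /pathto/brutelist 86400
if [ "$#" -eq 3 ]; then
    refresh_persist "$1" "$2" "$3"
fi
```

Because the file is rewritten from the table on every run, the `>> /pathto/brutelist` append is no longer needed and the file only ever holds entries younger than the chosen age.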