DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 2nd March 2011
unixjingleman unixjingleman is offline
Fdisk Soldier
 
Join Date: Jan 2011
Posts: 70
Thanked 0 Times in 0 Posts
Default What tool for dynamic I.P filtering

Hi
Do you remember portsentry for Linux?. It could be used to dynamically add rules to your firewall ruleset so that, for instance, the I.P of some machine that had port scanned you would be blocked.
What tool would you recommend for doing this with pf?
Thank you very much for any replies
Reply With Quote
  #2   (View Single Post)  
Old 2nd March 2011
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,888
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by unixjingleman View Post
...dynamically add rules to your firewall ruleset...
Per the PF User's Guide's section on anchors (link & highlight are mine...):
Quote:
In addition to the main ruleset, PF can also evaluate sub rulesets. Since sub rulesets can be manipulated on the fly by using pfctl(8), they provide a convenient way of dynamically altering an active ruleset. Whereas a table is used to hold a dynamic list of addresses, a sub ruleset is used to hold a dynamic set of rules. A sub ruleset is attached to the main ruleset by using an anchor.
No third-party tool is needed.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Gateway http anti-virus filtering with router/proxy/something? Bruco FreeBSD General 0 9th December 2009 08:47 PM
New tool on the block - scrypt s0xxx FreeBSD Security 2 21st May 2009 07:48 AM
A PF packet tagging (policy filtering) question... Quaxo OpenBSD Security 2 30th March 2009 10:47 PM
Dynamic Traffic Shaping LordZ OpenBSD Security 6 19th January 2009 04:30 PM
Web content filtering Crypt FreeBSD Security 14 14th December 2008 02:38 PM


All times are GMT. The time now is 01:13 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick