[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf and spyware



On Monday 10 March 2003 03:32 pm, Matteo Cavalleri wrote:
>
> i found a site with a list of these ip which seems updated costantly
> enough, so i shouldn't have problems here, but since here there are a
> lot of people more experienced than me i would really be happy to hear
> your experiences, suggestions and so on. maybe i'm just wasting my time
> or doing things wrong ;)
>
	Well, you don't say what version you're running, but 3.3-beta and 3.3 will 
have support for ip address tables, either in pf.conf or initialized by 
external files.

If I understand the syntax correctly (and henning or another pf'er can LART me 
as required), you should be able to refresh those tables without dumping the 
rules they apply to.

You should consider making the move to the beta, and just write a parsing 
script to convert the blocklists into something that pfctl can understand.

And don't forget the block out rule for that table.  *grin*


YMMV, HTH


-- 
Joseph C. Bender
jcbender (at) benderhome dot net