git: sshlockout - use a PF table instead of IPFW

bycn82 bycn82 at gmail.com
Sun Jan 18 03:31:07 PST 2015


*Hi,*

*I just implemented a feature which can work nicely with your sshlockout.  *
*You can manually insert a state as below and the state will be maintain by
ipfw itself.*

*ipfw state add rulenum 100 udp 192.168.1.1:0 <http://192.168.1.1:0>
8.8.8.8:53 <http://8.8.8.8:53> expiry +600*

*so you dont need to implement the logic to maintain the IP addresses or
configure any crontab to remove..*

*different state can have different expiry or "life time".*

*any comment?*


*Regards,*
*Bill Yuan*

On 14 January 2015 at 02:25, Michael Neumann <
mneumann at crater.dragonflybsd.org> wrote:

>
> commit ed17c1722f7702eb6422f73152c0091819a1900f
> Author: Michael Neumann <mneumann at ntecs.de>
> Date:   Tue Jan 13 13:04:29 2015 +0100
>
>     sshlockout - use a PF table instead of IPFW
>
> Summary of changes:
>  usr.sbin/sshlockout/sshlockout.8 | 27 +++++++++++-------
>  usr.sbin/sshlockout/sshlockout.c | 59
> +++++++++++++++++++++++++++-------------
>  2 files changed, 57 insertions(+), 29 deletions(-)
>
>
> http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ed17c1722f7702eb6422f73152c0091819a1900f
>
>
> --
> DragonFly BSD source repository
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20150118/a58ad3c9/attachment-0005.html>


More information about the Users mailing list