<div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i>Hi,</i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i><br></i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i>I just implemented a feature which can work nicely with your sshlockout. </i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i>You can manually insert a state as below and the state will be maintain by ipfw itself.</i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i><br></i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i>ipfw state add rulenum 100 udp <a href="http://192.168.1.1:0">192.168.1.1:0</a> <a href="http://8.8.8.8:53">8.8.8.8:53</a> expiry +600</i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i><br></i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i>so you dont need to implement the logic to maintain the IP addresses or configure any crontab to remove..</i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i><br></i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i>different state can have different expiry or "life time".</i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i><br></i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i>any comment?</i></div><div class="gmail_default" style="font-family:verdana,sans-serif;font-size:small;color:#674ea7"><i><br></i></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div><span style="color:rgb(103,78,167)"><i><font face="verdana, sans-serif">Regards,</font></i><br></span></div><div><span style="color:rgb(103,78,167)"><i><font style="background-color:rgb(255,255,255)" face="verdana, sans-serif">Bill Yuan</font></i></span></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On 14 January 2015 at 02:25, Michael Neumann <span dir="ltr"><<a href="mailto:mneumann@crater.dragonflybsd.org" target="_blank">mneumann@crater.dragonflybsd.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
commit ed17c1722f7702eb6422f73152c0091819a1900f<br>
Author: Michael Neumann <<a href="mailto:mneumann@ntecs.de">mneumann@ntecs.de</a>><br>
Date: Tue Jan 13 13:04:29 2015 +0100<br>
<br>
sshlockout - use a PF table instead of IPFW<br>
<br>
Summary of changes:<br>
usr.sbin/sshlockout/sshlockout.8 | 27 +++++++++++-------<br>
usr.sbin/sshlockout/sshlockout.c | 59 +++++++++++++++++++++++++++-------------<br>
2 files changed, 57 insertions(+), 29 deletions(-)<br>
<br>
<a href="http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ed17c1722f7702eb6422f73152c0091819a1900f" target="_blank">http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ed17c1722f7702eb6422f73152c0091819a1900f</a><br>
<span class="HOEnZb"><font color="#888888"><br>
<br>
--<br>
DragonFly BSD source repository<br>
</font></span></blockquote></div><br></div>