On 23/11/2012 15:58, Fleuriot Damien wrote:

On Nov 23, 2012, at 3:46 PM, David Demelier <demelier.da...@gmail.com> wrote:

Hello,

I would like to disable the network traffic for specific IPs. For the
moment I just add to my pf.conf a rule that blocks everything for a
specified table, like this:

table <closed>

[...] other rules [...]

block from <closed>

Then I just need to add my IP using pfctl. It works: no packet can be
sent to or received from the machine. However, if that machine had some active
connections, these won't be closed and they can still use them (an SSH
client, a game, ...).

How can I disable everything then?

Cheers

--
Demelier David


First, you might want to use "block in quick on $externalif inet from <closed>",
to have:
- a quick rule, which stops ruleset evaluation immediately
- a more specific rule, which applies only to your WAN interface's inbound
traffic

Be careful with the quick keyword, it's going to match packets immediately and 
entirely block these IPs.


Then, if you want to kill the active connections from people in the <closed> table, you 
might want to "script" a bit, like:

# -k kills the states for a host and -K its source-tracking entries; each
# flag takes the host as its own argument, so they cannot be merged into "-kK".
for i in $(pfctl -t closed -T show)
do
    pfctl -k "$i" -K "$i"
done



Would that do the trick for you?


Thank you that works very well :)

Cheers,


--
David Demelier
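Putting the block rule and the kill loop together, as an added example that is not code from the thread: a small POSIX sh script that adds an address to the <closed> table and immediately kills its pf states. The function names, the DRY_RUN switch and the address check are my own additions; it assumes pf.conf already defines the table and the block rule.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumes pf.conf already has
# "table <closed>" and "block in quick on $ext_if inet from <closed>".
# Set DRY_RUN=1 to print the pfctl commands instead of running them.

TABLE="${TABLE:-closed}"

# Run a command, or just print it when DRY_RUN is set.
run() {
    if [ -n "$DRY_RUN" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Accept only plain IPv4/IPv6 addresses or CIDR blocks, so a stray
# shell word never reaches pfctl as a host argument.
valid_addr() {
    case "$1" in
        ''|*[!0-9a-fA-F.:/]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Kill the states for a host (-k) and its source-tracking entries (-K).
# Each flag takes the host as its own argument; "-kK" would not work.
kill_host_states() {
    valid_addr "$1" || { echo "bad address: $1" >&2; return 1; }
    run pfctl -k "$1" -K "$1"
}

# Add a host to the table, then drop its live connections right away.
close_host() {
    valid_addr "$1" || { echo "bad address: $1" >&2; return 1; }
    run pfctl -t "$TABLE" -T add "$1" && kill_host_states "$1"
}

# Sweep the whole table, for hosts that were added earlier by hand.
close_all() {
    for host in $(pfctl -t "$TABLE" -T show); do
        kill_host_states "$host"
    done
}

# Usage: ./close.sh 192.0.2.10 [more addresses...]
if [ "$#" -gt 0 ]; then
    for host in "$@"; do close_host "$host"; done
fi
```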
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
