Re: [pfSense Support] Long IP lists
No, this is not how we handle things. I would suggest looking at our code in filter.inc before suggesting anything further. On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: Does PFSense allow for includes in the pf.conf file - or would it honor those directives. Until a better solution comes around, I could implement my lists via includes into the pf.conf file, and maintain those tables separately. I would need PFSense to honor those configuration directives and not overwrite them. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Long IP lists
We have aliases which you can populate from the web interface but there is no automated method. Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: I have some long blacklists that I maintain. Some of them are populated with botnet /24's. I presume PFSense has the ability to maintain custom tables/rules. It would be nice to visualize them as well (via the web), perhaps allowing editing that way as an option. From the shell, I'd like to pipe the /24's I want to block (or /32's) and add it to the table(s). I believe there is a way with PF to do this. Anyone work with a similar scenario? Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Long IP lists
Might there be a creative way to do this... perhaps via a php/xml process. As an "idea" for future consideration. To interface/interact with PF Tables... I'm sure someone must have a PHP class that knows PF out there. I can do some hunting. Thank you. Scott Ullrich wrote: We have aliases which you can populate from the web interface but there is no automated method. Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: I have some long blacklists that I maintain. Some of them are populated with botnet /24's. I presume PFSense has the ability to maintain custom tables/rules. It would be nice to visualize them as well (via the web), perhaps allowing editing that way as an option. From the shell, I'd like to pipe the /24's I want to block (or /32's) and add it to the table(s). I believe there is a way with PF to do this. Anyone work with a similar scenario? Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Long IP lists
Sure there is a way via php. You could do something like: require_once(config.inc); $alias = array(); $alias['name'] = My new alias; $alias['descr'] = My known spammer blocks; $alias['address'] = 10.0.0.0/24 10.0.0.1/24 10.0.0.2/24 10.0.0.3/24; write_config(); This may be a good idea down the road to present a textarea region to the user and translate all of the c/r lines into spaces and run the above against it. Could serve useful for people wanting to import their ip lists, etc. Hope this is useful! Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: Might there be a creative way to do this... perhaps via a php/xml process. As an idea for future consideration. To interface/interact with PF Tables... I'm sure someone must have a PHP class that knows PF out there. I can do some hunting. Thank you. Scott Ullrich wrote: We have aliases which you can populate from the web interface but there is no automated method. Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: I have some long blacklists that I maintain. Some of them are populated with botnet /24's. I presume PFSense has the ability to maintain custom tables/rules. It would be nice to visualize them as well (via the web), perhaps allowing editing that way as an option. From the shell, I'd like to pipe the /24's I want to block (or /32's) and add it to the table(s). I believe there is a way with PF to do this. Anyone work with a similar scenario? Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Long IP lists
One thing I missed, sorry about that!: require_once(config.inc); $alias = array(); $alias['name'] = My new alias; $alias['descr'] = My known spammer blocks; $alias['address'] = 10.0.0.0/24 10.0.0.1/24 10.0.0.2/24 10.0.0.3/24; $a_aliases[] =$alias; write_config(); On 10/28/05, Scott Ullrich [EMAIL PROTECTED] wrote: Sure there is a way via php. You could do something like: require_once(config.inc); $alias = array(); $alias['name'] = My new alias; $alias['descr'] = My known spammer blocks; $alias['address'] = 10.0.0.0/24 10.0.0.1/24 10.0.0.2/24 10.0.0.3/24; write_config(); This may be a good idea down the road to present a textarea region to the user and translate all of the c/r lines into spaces and run the above against it. Could serve useful for people wanting to import their ip lists, etc. Hope this is useful! Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: Might there be a creative way to do this... perhaps via a php/xml process. As an idea for future consideration. To interface/interact with PF Tables... I'm sure someone must have a PHP class that knows PF out there. I can do some hunting. Thank you. Scott Ullrich wrote: We have aliases which you can populate from the web interface but there is no automated method. Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: I have some long blacklists that I maintain. Some of them are populated with botnet /24's. I presume PFSense has the ability to maintain custom tables/rules. It would be nice to visualize them as well (via the web), perhaps allowing editing that way as an option. From the shell, I'd like to pipe the /24's I want to block (or /32's) and add it to the table(s). I believe there is a way with PF to do this. Anyone work with a similar scenario? Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Long IP lists
Can this also read the list from a file? Scott Ullrich wrote: One thing I missed, sorry about that!: require_once("config.inc"); $alias = array(); $alias['name'] = "My new alias"; $alias['descr'] = "My known spammer blocks"; $alias['address'] = "10.0.0.0/24 10.0.0.1/24 10.0.0.2/24 10.0.0.3/24"; $a_aliases[] =$alias; write_config(); On 10/28/05, Scott Ullrich [EMAIL PROTECTED] wrote: Sure there is a way via php. You could do something like: require_once("config.inc"); $alias = array(); $alias['name'] = "My new alias"; $alias['descr'] = "My known spammer blocks"; $alias['address'] = "10.0.0.0/24 10.0.0.1/24 10.0.0.2/24 10.0.0.3/24"; write_config(); This may be a good idea down the road to present a textarea region to the user and translate all of the c/r lines into spaces and run the above against it. Could serve useful for people wanting to import their ip lists, etc. Hope this is useful! Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: Might there be a creative way to do this... perhaps via a php/xml process. As an "idea" for future consideration. To interface/interact with PF Tables... I'm sure someone must have a PHP class that knows PF out there. I can do some hunting. Thank you. Scott Ullrich wrote: We have aliases which you can populate from the web interface but there is no automated method. Scott On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: I have some long blacklists that I maintain. Some of them are populated with botnet /24's. I presume PFSense has the ability to maintain custom tables/rules. It would be nice to visualize them as well (via the web), perhaps allowing editing that way as an option. From the shell, I'd like to pipe the /24's I want to block (or /32's) and add it to the table(s). I believe there is a way with PF to do this. Anyone work with a similar scenario? Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Long IP lists
On 10/28/05, Forrest Aldrich [EMAIL PROTECTED] wrote: My big-spammer-abuser-list is a couple thousand entries I dunno if this would work very well. I think it might be better to interface directly, somehow, with the PF Tables options? Not very easy. You need to interface with pfSense which then interfaces with pf. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]