Perl script that puts IPs on a blocklist, what's the best way to reload pf rules?
by ////// from LinuxQuestions.org on (#6CZXP)
I have a small Perl script that reads Suricata's fast.log and writes those IP addresses to a blocklist that is used by pf.
Code:
table <surialerts> persist file "/etc/surialerts.txt"
block in log quick on egress from <surialerts>
block out log quick on egress to <surialerts>
What's the best way to reload packet filter rules in my case?
Is that the correct way?
Quote:
Manipulating with pfctl
Tables can be manipulated on the fly by using pfctl. For instance, to add entries to the table:
# pfctl -t surialerts -T add 203.0.113.0/24
This will also create the table if it doesn't already exist.
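
One way to do the update the post asks about, as an added example that is not the poster's script: it pulls alert sources out of fast.log and swaps the table contents with `pfctl -T replace`, so the ruleset itself is never reloaded. The function names, the sample lines and the choice to skip private and loopback sources are assumptions of this example.

```shell
#!/bin/sh
TABLE=surialerts            # table name from the pf.conf on this page
LIST=/etc/surialerts.txt    # file named after "persist file" in that table

# Print each alert's source IP once. A fast.log line ends with
# "{PROTO} SRC:SPORT -> DST:DPORT"; the port is whatever follows the last
# colon, so IPv6 sources survive. Private and loopback sources are skipped
# (an assumption of this example) so the firewall never blocks its own LAN.
extract_src_ips() {
    awk '
    NF >= 3 && $(NF-1) == "->" {
        ip = $(NF-2)
        sub(/:[0-9]+$/, "", ip)
        v4 = (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
        v6 = (ip ~ /^[0-9A-Fa-f:]+$/ && ip ~ /:.*:/)
        if (!v4 && !v6) next
        if (ip ~ /^(10\.|127\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)/) next
        if (ip == "::1" || ip ~ /^[Ff][Ee]80:/) next
        if (!seen[ip]++) print ip
    }'
}

# Merge new sources into the list file, then swap the table contents in
# place. "-T replace -f" updates only the table; the ruleset is not reloaded.
update_table() {
    tmp=$(mktemp "$LIST.XXXXXX") || return 1
    { cat "$LIST" 2>/dev/null; extract_src_ips < "$1"; } | sort -u > "$tmp"
    mv "$tmp" "$LIST" && pfctl -t "$TABLE" -T replace -f "$LIST"
}

# Constructed fast.log lines (not real alerts): a repeated source, an IPv6
# source, a LAN source and a truncated line.
SAMPLE='10/05/2023-12:34:56.789012  [**] [1:1000001:1] Constructed alert A [**] [Classification: Misc activity] [Priority: 3] {TCP} 203.0.113.5:44321 -> 198.51.100.10:22
10/05/2023-12:34:57.100000  [**] [1:1000002:1] Constructed alert B [**] [Classification: Misc activity] [Priority: 3] {UDP} 203.0.113.5:5353 -> 198.51.100.10:53
10/05/2023-12:35:01.000001  [**] [1:1000001:1] Constructed alert A [**] [Classification: Misc activity] [Priority: 3] {TCP} 2001:db8::1:51234 -> 2001:db8::2:443
10/05/2023-12:35:02.000002  [**] [1:1000003:1] Constructed alert C [**] [Classification: Misc activity] [Priority: 2] {TCP} 192.168.1.20:51000 -> 203.0.113.99:80
10/05/2023-12:35:03.000003  [**] [1:1000001:1] truncated line with no flow tuple'

printf '%s\n' "$SAMPLE" | extract_src_ips    # demo: parsing only, no pfctl
```

Call `update_table` as root with the path to fast.log; `pfctl -t surialerts -T show` then lists what the table holds.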