why are pf-blocked ips 'leaking' thru to spamd?
snowcrash
schneecrash+pf at gmail.com
Fri Apr 27 19:09:29 UTC 2007
> On OpenBSD, I use spamd-setup which does exactly that with the
> whitelist/blacklist tables.
good point. spamd-setup is, of course, available on FreeBSD as well.
in my specific case, <ip-black> is already populated in / use by pf
elsewhere, so populating spamd's table with it too seemed wasteful.
hence, i was flopping around trying to get-it-done 'just' in pf, not spamd.
anyway, reading, the 'no rdr' seems like the solution. again, thanks!
one add'l question ...
iiuc, i could either
(1)
    no rdr from <ip-black> to any
    ... other rdr stuff ...
    block quick <ip-black>
    block all
(2)
    no rdr pass from <ip-black> to any
    ... other rdr stuff ...
    block all
where (2) seems more efficient. IF i understand correctly ...
comments on the two above?
> One could probably hack up a cron-able sed/awk/perl thingy to read
> from 2 tables, mash up the contents however you wish, and fill a 3rd table with the result.
yup. i do that for 'assembling' country-blocks from a list of
countries. best, though, that i actually understand what i'm doing IN
pf first, though ;-)
cheers!