dShield and PF

A

ahhyes

Hi There,

Just wondering if there is any port/package that I can add that will allow me to use the dShield block list with the PF firewall? I didn't see anything in ports, however maybe I was looking for the wrong thing?

Code: 
root@core:~ # psearch shield
archivers/unshield        Extract data from InstallShield CAB files
security/ipfilter2dshield Official DShield client for ipfilter firewall logs
security/ipfw2dshield     DShield client for ipfw logs

Any suggestions?
 
I'm not familiar with that product but what does come to mind would be to use pf's table directive with the block list provided as a file. This is assuming the block list is a plain text file or you can write a sed/awk/etc line to get it that way when you update it. I would recommend looking scrolling down to the example in pf.conf() where they show it with an /etc/spammers file used as an example to see if that meets what you are looking for.
 
You must log in or register to reply here.
Back
Top