So, I regularly add IP addresses and subnets to my /etc/ipf.rules file, for the purpose of banning any type of connectivity from would-be-hackers.
--snip--
#-----------------------------------------------------------------------
# Block all inbound traffic from nasty hackers
#-----------------------------------------------------------------------
block in log first quick on gem0 from 123.0.0.0/8 to any
block in log first quick on gem0 from 456.0.0.0/12 to any
block in log first quick on gem0 from 789.0.0.0/16 to any
--snip--
and so on and so on...
The list is getting fairly large, so I started wondering if I could use a hash file, similar to how you do things with a postfix setup from its main.cf file.
Something like:
--snip--
#-----------------------------------------------------------------------
# Block all inbound traffic from nasty hackers
#-----------------------------------------------------------------------
block in log first quick on gem0 from hash:/etc/banned_subnets to any
--snip--
Or something along those lines.
I've done a good amount of Googling to no avail, so maybe I'm trying to do something that just isn't done?
Any info or suggestions would be most appreciated.
Thanks!
-
Chris
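
One way to keep the ban list in a separate flat file and generate the rule lines from it, shown as an added example that is not part of the original post. It assumes a file such as /etc/banned_subnets holds one IPv4 address or subnet per line with optional `#` comments; the function names and the sample entries are constructed for illustration.

```python
import ipaddress
import sys

# Rule template copied from the post; only the interface and subnet vary.
RULE = "block in log first quick on {iface} from {net} to any"

def parse_banned(lines):
    """Split ban-list lines into (valid networks, rejected entries).

    Blank lines and '#' comments are skipped. Entries that are not valid
    IPv4 subnets, or that have host bits set, are rejected instead of
    being written into the ruleset.
    """
    nets, rejected = [], []
    for lineno, raw in enumerate(lines, 1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            nets.append(ipaddress.IPv4Network(entry, strict=True))
        except ValueError as exc:
            rejected.append((lineno, entry, str(exc)))
    return nets, rejected

def build_rules(lines, iface="gem0"):
    """Return (rule lines, rejected entries) for the given ban list."""
    nets, rejected = parse_banned(lines)
    # Merge duplicates, nested subnets and adjacent halves so the
    # generated list stays as short as possible.
    merged = ipaddress.collapse_addresses(nets)
    return [RULE.format(iface=iface, net=n) for n in merged], rejected

# Constructed sample standing in for the contents of /etc/banned_subnets.
SAMPLE = """\
# constructed sample ban list
198.51.100.0/24
198.51.100.128/25   # already covered by the /24 above
203.0.113.0/25
203.0.113.128/25
192.0.2.7
456.0.0.0/12
192.0.2.1/24
""".splitlines()

if __name__ == "__main__":
    rules, rejected = build_rules(SAMPLE)
    print("\n".join(rules))
    for lineno, entry, why in rejected:
        print(f"line {lineno}: skipped {entry!r}: {why}", file=sys.stderr)
```

The rejected list is worth reviewing before reloading the ruleset, since a mistyped subnet would otherwise either fail to load or block a different range than intended.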