In an attempt to keep grades from getting even worse than they are, I'm trying to get pf(4) to keep a PC "focused" until homework is finished. I use tables to help with ssh brute force attacks and thought using tables would work for this problem. I can't get it to work. I'm curious if NAT has anything to do with it.
When homework should be done, I add typical time sink sites to the <finishhomework> table via pfctl(8) manually. I only want this one PC to have traffic blocked however, not every device behind NAT.
The rules look like:
Code:
table <bruteforce> persist
table <finishhomework> persist
nat on $ext_if inet from 172.16.8.0/24 to any -> ($ext_if)
block drop log quick from <bruteforce>
block in log quick on $int_if from 172.16.8.44 to <finishhomework>
block out log quick on $int_if from <finishhomework> to 172.16.8.44
block in log quick on $ext_if from <finishhomework> to 172.16.8.44
block out log quick on $ext_if from 172.16.8.44 to <finishhomework>
Packets are not dropped, and the counters for bytes, packets and state are always zero according to
Code:
pfctl -vvv -s rules
The rule evaluations counter does increase.
There probably only needs to be one rule, but since that didn't work I tried the others.
Am I missing something?
Thanks
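A diagnostic for the symptom described in the post (evaluations climbing while packets and bytes stay at zero): it parses `pfctl -vvs rules` output to list rules pf evaluated but never matched, and checks whether the addresses a client actually resolves fall inside the table's entries. This is an added example, not code from the post; the `pfctl` output below is a constructed sample shaped like the real format, and the interface names and table entries are assumptions.

```python
"""Spot pf rules that are evaluated but never match, and table entries that
do not cover what the client resolves. Added example; sample data is constructed."""
import ipaddress
import re
import subprocess

COUNTER_RE = re.compile(
    r"Evaluations:\s*(\d+)\s+Packets:\s*(\d+)\s+Bytes:\s*(\d+)\s+States:\s*(\d+)")

# Constructed sample shaped like `pfctl -vvs rules` output; em0/em1 are assumed names.
SAMPLE_RULES = """\
@0 block drop in log quick on em1 from 172.16.8.44 to <finishhomework>
  [ Evaluations: 1523      Packets: 0         Bytes: 0           States: 0     ]
@1 block drop out log quick on em0 from 172.16.8.44 to <finishhomework>
  [ Evaluations: 844       Packets: 0         Bytes: 0           States: 0     ]
@2 pass in quick on em1 from 172.16.8.0/24 to any flags S/SA keep state
  [ Evaluations: 1523      Packets: 98210     Bytes: 71234567    States: 12    ]
"""

def parse_rules(text):
    """Pair each '@N ...' rule line with the counter line that follows it."""
    rules, current = [], None
    for line in text.splitlines():
        if line.startswith("@"):
            current = line.strip()
            continue
        m = COUNTER_RE.search(line)
        if m and current is not None:
            ev, pk, by, st = map(int, m.groups())
            rules.append({"rule": current, "evaluations": ev, "packets": pk,
                          "bytes": by, "states": st})
            current = None
    return rules

def evaluated_but_unmatched(rules):
    """Rules pf reached but that never matched: the address or interface
    criteria are wrong for the traffic seen, not the rule's position."""
    return [r["rule"] for r in rules if r["evaluations"] > 0 and r["packets"] == 0]

def uncovered(table_entries, resolved):
    """Resolved addresses that fall inside no table entry. Hostnames in a table
    are expanded only when loaded, so CDN or round-robin names drift out of it."""
    nets = [ipaddress.ip_network(e, strict=False) for e in table_entries]
    return [a for a in resolved if not any(ipaddress.ip_address(a) in n for n in nets)]

if __name__ == "__main__":
    live = subprocess.run(["pfctl", "-vvs", "rules"], capture_output=True, text=True).stdout
    for r in evaluated_but_unmatched(parse_rules(live)):
        print("never matched:", r)
```

Feed `uncovered()` the output of `pfctl -t finishhomework -T show` and the addresses the PC's own resolver returns for the blocked names; any address it prints explains zero matches without touching the rules.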