Date: Thu, 7 Apr 2011 12:12:02 +0200 From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org> To: Quentin Narvor <quentin.narvor@gmail.com> Cc: freebsd-net@freebsd.org, nicolas.greneche@univ-orleans.fr Subject: Re: [PATCH] New feature in Packet Filter Message-ID: <BANLkTimVE9KX20PX8VGe%2BpZ3URYHqiNP8g@mail.gmail.com> In-Reply-To: <BANLkTi=fMCfzJrTavK3Pe0zUXHbQgpPE=Q@mail.gmail.com> References: <BANLkTi=fMCfzJrTavK3Pe0zUXHbQgpPE=Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Apr 7, 2011 at 10:21 AM, Quentin Narvor <quentin.narvor@gmail.com> wrote: > Hello, > > My name is Quentin Narvor and I am currently working on intrusion detection. > I use Freebsd 8.2 and I recently needed pf to be able to dynamically fill in > tables according pass rule. > > For performances reasons, I didn't want to do it with a script and pfctl. > Then, with the help of Mr Nicolas Greneche, I made this patch named "add". > It enables pf to add src ip or dst ip in a table when a match occurs on a > pass rule. > I cannot see, apart collecting ips in tables, anything else that cannot be done through pf(4) tags! Can you please describe a use case for this patch? > I submit this patch to your attention. Is this feature is of interest to be > added in PF mainstream ? > > You will find the patch and its documentation in attachment. > Let me know if you think that some modifications are needed. > > Best regards, > > Quentin Narvor > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Ermal
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BANLkTimVE9KX20PX8VGe%2BpZ3URYHqiNP8g>