Date: Tue, 11 Feb 2014 15:47:51 +0000 From: Vincent Hoffman <vince@unsane.co.uk> To: freebsd-pf@freebsd.org Subject: Re: pf block IP immediately Message-ID: <52FA4627.8090308@unsane.co.uk> In-Reply-To: <52FA3CA9.30806@lissyara.su> References: <52FA3CA9.30806@lissyara.su>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/02/2014 15:07, skeletor@lissyara.su wrote: > Hello. > I have a FreeBSD 9.2 amd64 with pf (build in kernel). > Can pf block some IP (sessions) immediately? Next rule can block only > new sessions, but currect open sessions stay open as long as they open > by IP > > block quick from X.X.X.X to any > block quick from any to X.X.X.X > > Also, I can do pfctl -F sessions, but it flushes all sessions of all > users. > > tcpdrop not shown this sessions, because this is a nat sessions. pfctl -k or -K looks like what you need. The pfctl(8) man page seems to cover it quite well. Vince > > Thanks. > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52FA4627.8090308>