Date: Thu, 10 Jun 2004 08:39:54 -0400
From: Paul Mather <paul@gromit.dlib.vt.edu>
To: khoi@oddworld.com
Cc: freebsd-stable@freebsd.org
Subject: Re: Port scan detection in ipfw2
Message-ID: <1086871193.9393.8.camel@zappa.Chelsea-Ct.Org>
In-Reply-To: <HZ2RNN00.Q1Y@luskan.oddworld.com>
References: <HZ2RNN00.Q1Y@luskan.oddworld.com>

On Thu, 2004-06-10 at 00:11, Khoi Dinh wrote:

> Also, is ipfw2 able to allow/disallow traffic according to
> time? ie. If I wanted to allow http traffic only from 9am to 1pm, can I do
> this with ipfw? I've been looking all over the net looking for a solution
> but haven't found one and was hoping that someone on the list could help me
> out, even if the answer is "no, there are no such kernel-based features."

I don't believe there are any "kernel-based features" to do the above,
but a reasonable solution to that problem would be to use two cron jobs.
One, run at 9am, would insert/remove rules using ipfw to allow HTTP
traffic. The other, run at 1pm, would insert/remove rules using ipfw to
deny HTTP traffic.

You're probably already using cron to do log rotation via newsyslog, so
leveraging that tool to rotate ipfw traffic policies shouldn't be beyond
the pale...

Cheers,

Paul.
--
e-mail: paul@gromit.dlib.vt.edu

"Without music to decorate it, time is just a bunch of boring production
deadlines or dates by which bills must be paid."
        --- Frank Vincent Zappa
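
The two-cron-job approach suggested in the reply above, sketched as an added example that is not part of the original message or of FreeBSD itself. The script name and path, rule number 1000 and the `sync` mode (which goes beyond the thread by recomputing the state from the clock after a reboot or ruleset reload) are assumptions.

```shell
#!/bin/sh
# http-window.sh (hypothetical name): switch an HTTP rule between allow and deny.
# Assumed /etc/crontab entries, matching the 9am/1pm window in the thread:
#   0  9 * * *  root  /usr/local/sbin/http-window.sh allow
#   0 13 * * *  root  /usr/local/sbin/http-window.sh deny
#   @reboot     root  /usr/local/sbin/http-window.sh sync

IPFW=${IPFW:-/sbin/ipfw}
RULE=${RULE:-1000}          # assumed free rule number reserved for this policy
OPEN_HOUR=${OPEN_HOUR:-9}
CLOSE_HOUR=${CLOSE_HOUR:-13}

# Print "allow" or "deny" for an hour given as 0-23 or 00-23.
desired_state() {
    h=${1#0}                # "09" -> "9", so it is not parsed as bad octal
    h=${h:-0}               # "0" -> "" after stripping; restore it
    if [ "$h" -ge "$OPEN_HOUR" ] && [ "$h" -lt "$CLOSE_HOUR" ]; then
        echo allow
    else
        echo deny
    fi
}

# Replace rule $RULE so that only one action is ever installed at that number.
set_http() {
    case "$1" in
        allow|deny) ;;
        *) echo "usage: set_http allow|deny" >&2; return 64 ;;
    esac
    $IPFW -q delete "$RULE" 2>/dev/null || true   # absent on first run
    $IPFW -q add "$RULE" "$1" tcp from any to me 80 in
}

# Recompute the state from the clock, for boots or reloads between cron runs.
sync_http() {
    set_http "$(desired_state "$(date +%H)")"
}

case "${1:-}" in
    allow|deny) set_http "$1" ;;
    sync)       sync_http ;;
    "")         : ;;         # no argument: define the functions only
    *)          echo "usage: $0 allow|deny|sync" >&2; exit 64 ;;
esac
```

Between the delete and the add, rule 1000 is briefly absent and HTTP packets fall through to whatever rules follow it, so the rest of the ruleset should not permit port 80 on its own.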