Saturday, February 17, 2007, 10:27 PM
- FreeBSD
/etc/rc.firewall
Add this code at the end of the set_loopback function:
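if [ -f "${banned_ips}" ]; then
    # One deny rule per entry; lines starting with "#" are comments
    for i in `grep -vE "^#" "${banned_ips}"`; do
        # Run the rule (a leading echo would only print it, not install it)
        ${fwcmd} add deny ip from ${i} to me
    done
fi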
This expects a variable banned_ips to be defined in rc.conf, pointing to a file that contains a list (one entry per line) of blacklisted IPs/NETs in the form:
192.168.1.0/24
10.2.2.2
# This is a comment
The firewall rules will be in place after the next reboot or after running /etc/netstart.
This is more a way to preserve blocked IPs/NETs across reboots.
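An added example, not part of the original post: the same loop with each entry checked before it reaches ipfw, so that a malformed line, or an entry such as any or 0.0.0.0/0 that would deny all traffic to the host, is skipped with a warning instead of becoming a rule. The function names valid_entry, load_banned and sample_list are hypothetical, fwcmd defaults to a dry run that only prints the commands (an assumption; rc.firewall sets the real value), and trailing comments are accepted in addition to the whole-line comments the post describes.

```sh
#!/bin/sh
# Added example, not from the original post. fwcmd defaults to a dry run
# here (assumption); rc.firewall already sets it to the real ipfw command.
: "${fwcmd:=echo /sbin/ipfw}"

# Succeed only for a dotted-quad IPv4 address with an optional /1../32 prefix.
valid_entry() {
    entry=$1
    case "$entry" in ''|*[!0-9./]*|*/*/*) return 1 ;; esac
    addr=${entry%%/*}
    case "$addr" in ''|.*|*.|*..*) return 1 ;; esac
    case "$entry" in */*)
        bits=${entry#*/}
        case "$bits" in ''|*[!0-9]*|???*) return 1 ;; esac
        [ "$bits" -ge 1 ] && [ "$bits" -le 32 ] || return 1 ;;
    esac
    n=0 rest=$addr
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        case "$octet" in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
        n=$((n + 1))
        case "$rest" in *.*) rest=${rest#*.} ;; *) rest= ;; esac
    done
    [ "$n" -eq 4 ]
}

# One deny rule per valid entry in list file $1; warn on stderr otherwise.
load_banned() {
    list=$1
    [ -f "$list" ] || return 0
    while IFS= read -r line || [ -n "$line" ]; do
        set -f; set -- ${line%%#*}; set +f   # strip comment, split on blanks
        [ $# -eq 0 ] && continue             # blank or comment-only line
        if [ $# -eq 1 ] && valid_entry "$1"; then
            ${fwcmd} add deny ip from "$1" to me
        else
            echo "banned_ips: skipping invalid entry: $*" >&2
        fi
    done < "$list"
    return 0
}

# Constructed sample list: the post's three lines plus entries to reject.
sample_list() {
    printf '%s\n' 192.168.1.0/24 10.2.2.2 '# This is a comment' \
        any 0.0.0.0/0 10.2.2.300 '10.9.9.9 # trailing note'
}
tmp=$(mktemp /tmp/banned.XXXXXX) && sample_list > "$tmp" && load_banned "$tmp"; rm -f "$tmp"
```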