[nycbug-talk] pf tables

Marc Spitzer mspitzer at gmail.com
Sun Jul 30 16:33:20 EDT 2006


On 7/30/06, Dru <dlavigne6 at sympatico.ca> wrote:
>
>
> On Sun, 30 Jul 2006, Mischa Diehm wrote:
>
> > A table can also be initialized with an address list specified in
> > one or more external files, using the following syntax:
> >
> >    table <spam> persist file "/etc/spammers" file "/etc/openrelays"
> >    block on fxp0 from <spam> to any
>
>
> I'm still missing something as my persist file (which contained many 1000
> IPs accumulated over the past few months) was somehow flushed when the
> system rebooted. My /etc/pf.conf contains these relevant lines:
>
> # grep bad /etc/pf.conf
>
> table <bad_hosts> persist file "/var/log/bad_hosts"

Could it be something weird with log rotation, perhaps newsyslog did
something odd? Fishing, but it is the only hook I have.  Also, did the
file exist in the file system before the boot, the old open file
descriptor trick on a deleted file?

marc
-- 
"We trained very hard, but it seemed that every time we were beginning to
form into teams we would be reorganized. I was to learn later in life that
we tend to meet any new situation by reorganizing, and a wonderful method it
can be for creating the illusion of progress, while producing confusion,
inefficiency and demoralization."
-Gaius Petronius, 1st Century AD


