commit 37a3235b0c0c8e559d5c9273a6db3f66056a2909 parent 7f1afbeb1bbc5f305a9c64ea909c522a63a0ab37 Author: Paco Esteban <paco@e1e0.net> Date: Tue, 30 Jun 2020 18:09:18 +0200 pf: add block empty tables to pf definitions Diffstat:
| M | roles/pf/templates/pf.conf.j2 | | | 7 | +++++++ |
1 file changed, 7 insertions(+), 0 deletions(-)
diff --git a/roles/pf/templates/pf.conf.j2 b/roles/pf/templates/pf.conf.j2 @@ -13,12 +13,19 @@ table <scanners> { 104.152.52.21 104.152.52.22 104.152.52.23 104.152.52.24 \ 104.152.52.33 104.152.52.34 104.152.52.35 104.152.52.36 \ 104.152.52.37 104.152.52.38 104.152.52.39 } +table <offenders_v4> persist +table <offenders_v6> persist +table <bsdly> persist + set loginterface none set block-policy return set skip on lo match in all scrub (no-df) block in quick inet proto { tcp, udp } from <scanners> +block in quick inet proto { tcp, udp } from <offenders_v4> +block in quick inet6 proto { tcp, udp } from <offenders_v6> +block in quick inet proto { tcp, udp } from <bsdly> block all pass out on $ext_if