pfctl & portsentry

Author: Mike Starke
Date:
Subject: pfctl & portsentry
I don't know how many folks use portsentry & logcheck, but
I am trying to get the KILL_ROUTE portion of portsentry
to work with OpenBSD's pf. Below is a typical line for
KILL_ROUTE.

"/bin/echo 'block in log on $EXT_IF from xxx.xxx.xxx.xxx/32 to any' | /sbin/pfctl -f -"

The problem is that it wipes out any existing rules (and nat/rdr). Is there a way
to append this offending IP to an existing set of rules, or have the line
placed within the file (/etc/pf.conf)? Preferably towards the top in a
'block in quick ....' line.

-Mike