Current location

narf Source control manager Git

summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorshtrom <shtrom@1991c358-8f32-0410-a49a-990740bdf4c2>2010-07-13 09:02:51 +0000
committershtrom <shtrom@1991c358-8f32-0410-a49a-990740bdf4c2>2010-07-13 09:02:51 +0000
commit9a1c57ec8514b7d93c7c134e7f3b37063a5b3ce8 (patch)
tree955d4f331701c73f11b9d3c5e06c7a57aa6c694a /openbsd
parent3739dea0095fa36076cf9edf475d054765bdbdbe (diff)
[denyhost.sh] Improve doc..
git-svn-id: svn+ssh://scm.narf.ssji.net/svn/shtrom/scripts@816 1991c358-8f32-0410-a49a-990740bdf4c2
Diffstat (limited to 'openbsd')
-rwxr-xr-xopenbsd/denyhost.sh6
1 files changed, 4 insertions, 2 deletions
diff --git a/openbsd/denyhost.sh b/openbsd/denyhost.sh
index 94fb63d..6f60e8d 100755
--- a/openbsd/denyhost.sh
+++ b/openbsd/denyhost.sh
@@ -5,8 +5,8 @@
# Warning and whitelist features by Olivier Mehani <shtrom-openbsd@ssji.net>
#
# Minimal pf.conf file:
-# table <whitelist> persist
-# table <kiddies> persist
+# table <whitelist> persist file "/etc/whitelist"
+# table <kiddies> persist file "/var/tmp/blockers.list"
# pass in quick on egress proto tcp from <whitelist> to (egress) port ssh
# block in quick on $ext_if from <kiddies>
# Crontab entry:
@@ -14,6 +14,8 @@
#
# Remember to manually populate your <whitelist> table:
# # pfctl -vt whitelist -T add ADDRESS
+# or by creating file /etc/whitelist (adding it to /etc/changelist may
+# also be a good idea)
#
PATH=/usr/local/bin:$PATH
AUTHLOG=/var/log/authlog