Friday, August 23, 2024

Options to have relayd add IP to pf?

Hi,

I have a server which gets flooded with unsolicited HTTP requests. So far, I use relayd filters to identify those requests and block them, at relayd level. It works as they never reach the web server but relayd is still working to block them.

I thought of parsing relayd logs to get those IPs and add them to a pf block table, using an automated script.

I also thought of using tags to forward the connections to a program that would add the IP to the pf block table.

Would there be a simpler / smarter way to have relayd add an IP matching a block rule into a pf table?

Thanks,
Joel C.

No comments:

Post a Comment