ports/net/pf-badhost/pkg/MESSAGE


REQUIREMENTS:

Create required files:
# install -m 640 -o _pfbadhost -g wheel /dev/null /etc/pf-badhost.txt

Give user "_pfbadhost" doas permission.
 
$ cat /etc/doas.conf
permit root
permit nopass _pfbadhost cmd /sbin/pfctl args -nf /etc/pf.conf
permit nopass _pfbadhost cmd /sbin/pfctl args -t pfbadhost -T replace -f /etc/pf-badhost.txt

Add the following lines to your pf.conf: 

table <pfbadhost> persist file "/etc/pf-badhost.txt"
block in quick on egress from <pfbadhost>
block out quick on egress to <pfbadhost>

For man page

$ man pf-badhost
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00
			`REQUIREMENTS:`

			`Create required files:`
			`# install -m 640 -o _pfbadhost -g wheel /dev/null /etc/pf-badhost.txt`

			`Give user "_pfbadhost" doas permission.`

			`$ cat /etc/doas.conf`
			`permit root`
			`permit nopass _pfbadhost cmd /sbin/pfctl args -nf /etc/pf.conf`
			`permit nopass _pfbadhost cmd /sbin/pfctl args -t pfbadhost -T replace -f /etc/pf-badhost.txt`

			`Add the following lines to your pf.conf:`

			`table <pfbadhost> persist file "/etc/pf-badhost.txt"`
			`block in quick on egress from <pfbadhost>`
			`block out quick on egress to <pfbadhost>`

			`For man page`

			`$ man pf-badhost`