gods

a simple blocklist for ssh

commit f39f3abeb3102d20a78a7afcd8c50db535ba6de2
parent 36542d99b904673214dcd75c05241646ac08deb0
Author: Naveen N <zerous@karna.openbsd.amsterdam>
Date:   Wed, 20 Oct 2021 00:21:38 +0200

Add support for OpenBSD pf

pf.conf should contain the following two lines, which create a table
that can be used to block and unblock IP addresses.

table <blacklist> persist
block in on vio0 from <blacklist> to any

Diffstat:
Mfw.c | 16++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/fw.c b/fw.c @@ -1,17 +1,29 @@ #include <stdio.h> +#include <stdlib.h> +#include <string.h> int fw_block(char *ip) { - /* stub */ + /* pfctl -t blacklist -T add 123.123.123.123 */ + char s[43] = "pfctl -t blacklist -T add "; + printf("fw_block: blocked ip: %s\n", ip); + strcat(s, ip); + if (system(s) == 127) + return 0; return 1; } int fw_unblock(char *ip) { - /* stub */ + /* pfctl -t blacklist -T delete 123.123.123.123 */ + char s[46] = "pfctl -t blacklist -T delete "; + printf("fw_unblock: unblocked ip: %s\n", ip); + strcat(s, ip); + if (system(s) == 127) + return 0; return 1; }
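Review bot: `strcat(s, ip)` in fw_block and fw_unblock appends a caller-supplied string to a fixed buffer with room for only 16 characters after the prefix, so anything longer than a dotted-quad IPv4 address (an IPv6 address, for instance) writes past the end of `s`. The same string is then handed to `system()`, where a shell interprets it; no validation of `ip` is visible in this file, so unless every caller guarantees a literal address, the value should be checked with `inet_pton()` and pfctl run with an explicit argv rather than through a shell. Only a return of 127 is treated as failure, so a fork error (-1) or a non-zero pfctl exit is reported as success, and the "blocked" message is printed before the command has run. The sketch below shows fw_block; fw_unblock would take the same shape with `delete`, and the file would additionally need `<arpa/inet.h>`, `<sys/wait.h>` and `<unistd.h>`.

```c
int
fw_block(char *ip)
{
	struct in_addr a4;
	struct in6_addr a6;
	pid_t pid;
	int st;

	/* accept only a literal address; anything else never reaches pfctl */
	if (inet_pton(AF_INET, ip, &a4) != 1 &&
	    inet_pton(AF_INET6, ip, &a6) != 1)
		return 0;

	if ((pid = fork()) == -1)
		return 0;
	if (pid == 0) {
		/* explicit argv: no shell, no fixed-size command buffer */
		execlp("pfctl", "pfctl", "-t", "blacklist", "-T", "add",
		    ip, (char *)NULL);
		_exit(127);
	}
	if (waitpid(pid, &st, 0) == -1 || !WIFEXITED(st) ||
	    WEXITSTATUS(st) != 0)
		return 0;

	/* log only after pfctl reported success */
	printf("fw_block: blocked ip: %s\n", ip);
	return 1;
}
```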