Expiretable 0.6 review
DownloadExpiretable is a utility used to remove entries from a pf(4) table based on their age
|
|
Expiretable is a utility used to remove entries from a pf(4) table based on their age. The age in question being the amount of time that has passed since the statistics for each entry in the target table was last cleared.
This program needs to be run as a user with read/write permission to /dev/pf. As with all unknown things that need to be run as the superuser or similar there is always the chance this one will cause death and destruction, so use at your own risk. It WorksForMe< tm >, don't blame me if your cat grows another eye, and so on and so forth.
If you find yourself using this utility, especially for a reason not mentioned here, please tell me about it.
Johan Fredin has been nice enough to provide a port for expiretable. He has also put together a howto on how to use expiretable to block attempts to bruteforce ssh. 'geek00L' has written a short piece on using Snort2c + Expiretable. Thanks to Samuel Ljungkvist and others for ideas.
What's New in This Release:
The ability to specify age in minutes, hours, days, etc. was added.
The age limit was changed to the limit imposed by OpenBSD's nanosleep.
Expiretable 0.6 keywords