OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: sja1440 on May 11, 2020, 08:49:54 am

Title: How can I dynamically add an ipv4 address to a blocklist?
Post by: sja1440 on May 11, 2020, 08:49:54 am: When an ipv4 address from the internet attempts to connect to a specific group of closed ports on my firewall, I would like the address to be automatically added to a blocklist (i.e. a pf Table). Addresses on the blocklist are denied all access to the firewall. Addresses would be removed from the blocklist after a fixed amount of time (say 1 day).

What is the best way of doing this on OPNsense?

I suppose that one way of doing it might be to produce a script to listen on the firewall logs and when a trigger event occurs add the offending address to an Alias. But, if I can, I would prefer to use distributed OPNsense software.

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy