Building a temporary IP blacklist with the PF firewall on macOS
2020-09-03
夙小叶
![](https://img.haomeiwen.com/i11192383/4b16b941d9c4b4ad.png)
The pfctl command:

```
man pfctl
```

pf.conf in detail (rule statements, syntax, caveats and so on):

```
man pf.conf
```

```
$ cat /etc/pf.anchors/black_ip.conf
#
# See pf.conf(5) for syntax.
#
set limit table-entries 100000
set ruleset-optimization basic
set fingerprints "/etc/pf.os"
set optimization normal
set block-policy drop
set skip on lo0

interface0 = en0

# TRAFFIC NORMALIZATION
scrub in on $interface0 all fragment reassemble
# scrub in on $interface0 all { no-df random-id }

# Packet Filtering
# TABLE
# "persist" keeps the table in the kernel even when no rule refers to it.
# Entries added with pfctl are held in memory only and are not written to disk.
table <black_ip_lists> persist

# BLACK
# Drop and log inbound TCP/UDP from any address in the table.
block in log on $interface0 proto { tcp, udp } from <black_ip_lists> to any
```

Usage:

```
# Add
$ sudo pfctl -t black_ip_lists -T add 103.90.93.238
# Delete
$ sudo pfctl -t black_ip_lists -T delete 103.90.93.238
# Show
$ sudo pfctl -t black_ip_lists -T show
```
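
As an added example (not from the original post): a POSIX shell wrapper around the `-T add` command above that accepts only strict IPv4 addresses and refuses loopback, private, link-local and allowlisted ones, which matters when the addresses are pulled from logs rather than typed by hand. The function names, the `ALLOWLIST` value and the `DRY_RUN` switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example: guarded wrapper for `pfctl -t black_ip_lists -T add`.
TABLE="black_ip_lists"      # table name from the rule set on this page
ALLOWLIST="203.0.113.10"    # constructed sample: addresses never to block
DRY_RUN="${DRY_RUN:-1}"     # 1 = print the pfctl command, 0 = run it

# Succeeds only for a strict dotted-quad IPv4 address (no leading zeros).
is_ipv4() {
  case "$1" in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  v4_rest="$1."; v4_count=0
  while [ -n "$v4_rest" ]; do
    v4_octet=${v4_rest%%.*}; v4_rest=${v4_rest#*.}
    case "$v4_octet" in 0?*|????*) return 1 ;; esac
    [ "$v4_octet" -le 255 ] || return 1
    v4_count=$((v4_count + 1))
  done
  [ "$v4_count" -eq 4 ]
}

# Succeeds for addresses that should never enter the table: loopback,
# private and link-local ranges, and anything listed in ALLOWLIST.
is_protected() {
  case "$1" in
    0.*|10.*|127.*|169.254.*|192.168.*) return 0 ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
  esac
  for allowed in $ALLOWLIST; do
    [ "$1" = "$allowed" ] && return 0
  done
  return 1
}

# Adds each argument to the table; returns 1 if any argument was refused.
blacklist_add() {
  add_status=0
  for ip in "$@"; do
    if ! is_ipv4 "$ip" || is_protected "$ip"; then
      echo "refused: $ip" >&2; add_status=1; continue
    fi
    if [ "$DRY_RUN" = "1" ]; then
      echo "sudo pfctl -t $TABLE -T add $ip"
    else
      sudo pfctl -t "$TABLE" -T add "$ip" || add_status=1
    fi
  done
  return "$add_status"
}
```

Source the file and call `blacklist_add 103.90.93.238`; with the default `DRY_RUN=1` it only prints the command it would run.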