Added a table-entry count and doas instructions incase I bump along the limits

Jez Caudle 2025-07-07 10:18:51 +00:00
parent 5522c8b300
commit 5cdb469c6e
2 changed files with 10 additions and 0 deletions


@ -1,4 +1,5 @@
# Updates
- 7th July 2025: Added a count for the number of table entries - pf sets a maximum and it would be handy to know if I'm bumping along that number.
- 1st July 2025: Renamed "HAIL_MARY" to "CLOUD_BRUTEFORCE_MITIGATION". Read [Catechism of the Catholic Church](https://www.vatican.va/archive/ENG0015/_INDEX.HTM) before complaining.
- 19th June 2025: Updated the _AGENT to the latest Windows Firefox as some sites were rejecting download attempts based on an outdated user agent.
@ -38,6 +39,7 @@ cat /etc/doas.conf
permit root
permit nopass _pfbadhost cmd /sbin/pfctl args -nf /etc/pf.conf
permit nopass _pfbadhost cmd /sbin/pfctl args -t pfbadhost -T replace -f /etc/pf-badhost.txt
permit nopass _pfbadhost cmd /sbin/pfctl args -t pfbadhost -T show | wc -l
# Optional rule for authlog scanning
permit nopass _pfbadhost cmd /usr/bin/zcat args -f /var/log/authlog /var/log/authlog.0.gz
...


@ -101,6 +101,7 @@ _BOGON_6=0
###################################################################
# Country GeoIP Blacklist
# Enter any ISO-3166 Country Codes you want to block (1 per line)
# Which can be found here: https://www.iban.com/country-codes
# Lines below starting with '#' or ';' will be ignored
_COUNTRY_CODES=$(cat <<'__EOT'
# CN
@ -744,6 +745,11 @@ V6_TOTAL() {
fi
}
TABLE_TOTAL() {
# Number of tables entries
pfctl -t pfbadhost -T show | wc -l
}
# ------------------------------------------------------------------------------
# Logging Functions
# ------------------------------------------------------------------------------
@ -782,6 +788,8 @@ PRINT_STATS() {
else
printf '\n\n'
fi
printf 'table-entries: %s\n\n' "${table_total}"
}
# ------------------------------------------------------------------------------
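Review bot: `${table_total}` is printed at the end of PRINT_STATS, but none of the added lines assigns it or calls TABLE_TOTAL, so unless it is set outside the visible hunks the new line prints an empty count (or aborts if the script runs under `set -u`); `table_total=$(TABLE_TOTAL)` before the `printf` would close that gap. TABLE_TOTAL also runs `pfctl -t pfbadhost -T show` without `doas`, which will probably fail for the unprivileged `_pfbadhost` user that the README's doas.conf rules are written for, and `wc -l` would then report 0 instead of surfacing the error. The doas.conf rule added in the README lists `| wc -l` after `args`; doas matches arguments literally and the pipe belongs to the calling shell, so that rule would never match a real invocation and should end at `-T show`, which also keeps the grant limited to reading the one table. PRINT_STATS begins outside its hunk, so the missing assignment is inferred from the visible lines and the 10-addition diffstat.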