Jordi Espasa Clofent
Tue, 24 Nov 2009 04:39:36 -0800
Hi all, I use the next rule: # SSH brutes protectionpass quick on $bridge inet proto tcp from any to $vlan10 port 22 keep state \
(max-src-conn 20, max-src-conn-rate 3/12, \
overload <ssh_brutes> flush global)
with success. No problem, all works fine.
I wonder if I can apply this type of rule to UDP connections (I try to
protect some busy DNS servers)
--I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain.
Bene Gesserit Litany Against Fear.