On 11/28/06, Charles Lacroix <[EMAIL PROTECTED]> wrote:
table <badhosts> {} persist block quick on $ext_if proto tcp from <badhosts> to $external_addr port 23 pass in on $ext_if proto tcp to $external_addr port 23 flags S/SA modulate \ state (max-src-conn-rate 5/60, overload <badhosts> flush global)1. I wanted to do is make sure the ip's get unbanned after let's say 30 minutes or so.
You need an external utility, http://expiretable.fnord.se/ is one I've looked at, there are a couple other similar ones.
2. When my ip gets into badhosts, most of my current ssh connections hang. it's kinda strange since my block rule is specific on the telnet port.
That's exactly what you've asked pf to do with "flush global" -- Jon _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
