Yury Michurin wrote:
Hello,
I have in my pf.conf:
pass in proto tcp from !<ABUSERS> to any port www flags S/SA synproxy state \
(max-src-conn 20, max-src-conn-rate 30/60, overload <ABUSERS> flush global)
and it seems to work just fine...
Regards,
Yury.
On Wed, Oct 15, 2008 at 7:00 PM, Peter Clark <[EMAIL PROTECTED]> wrote:
Hello,
I am not sure if I should be here or over at a pf specific list but
here is my problem.
I am trying my hand at pf on a 7.0-p5 RELEASE box and one rule is
giving me problems.
pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA \
(max-src-conn 15, max-src-conn-rate 5/3, overload <bruteforce> flush global)
Actually the "pass in" line does not generate the error. The next
line does.
/etc/pf.conf:71: syntax error
If I remove the line the error goes away (obviously). I have tried
using the exact line from the FreeBSD pf.conf man page:
(max-src-conn-rate 100/10, overload <bad_hosts> flush global)
(I changed <bad_hosts> to <bruteforce>) and that generates the same
error. I tried just using:
(max-src-conn-rate 100/10)
but that too gives me a syntax error.
Any help is appreciated.
Peter Clark
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
It is because I do not have a "keep state" directive in mine. I took it
out because the pf 4.1 default is "flags S/SA keep state". Yours works
because you have the synproxy state directive.
Thanks,
Peter Clark
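
The fix described in the reply above, written out as an added example that is not part of the original posts: pf.conf accepts the parenthesized state options only directly after a state keyword (keep state, modulate state or synproxy state), so the implicit default leaves nothing for them to attach to. The $ext_if value, the table declaration and the block rule are assumptions added so the fragment loads on its own.

```conf
# Added example, not from the original thread.
ext_if = "em0"                  # assumed interface name

# assumed: persistent table that receives sources which exceed the limits
table <bruteforce> persist

# assumed companion rule: drop hosts that are already in the table
block in quick on $ext_if from <bruteforce>

# Rejected with "syntax error": the options follow "flags S/SA" directly,
# with no state keyword in front of the opening parenthesis.
# pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA (max-src-conn 15, max-src-conn-rate 5/3, overload <bruteforce> flush global)

# Parses: the explicit "keep state" carries the per-source limits.
pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA keep state \
    (max-src-conn 15, max-src-conn-rate 5/3, overload <bruteforce> flush global)
```

Running pfctl -nf /etc/pf.conf parses the file without loading it, which checks a change like this before it goes live.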