On 2005/11/12 01:11:02, Joachim Schipper wrote: > > pass in quick on $ext_if proto tcp from any to ($ext_if) port 22 keep state > > (max-src-conn-rate 3/10, overload <attackers> flush) > > This sort of thing is really popular, but I don't see the point.
See pf.conf(5) about max-src-conn, and compare it with max-src-states.
