Hi, Use the max-pkt-rate parameter instead. It does exactly what you think it does and is thoroughly covered in pf.conf(5) with examples and all.
Regards Jesper Wallin On Wed, Jan 22, 2020 at 10:42:01PM -0700, myml...@gmx.com wrote: > Hi, > > I'm just wondering if there is a way to rate limit icmp echo request. > i.e. pings. > > I tried the following rule but it errors out with "syntax error" > > pass in quick on em1 inet proto icmp from 192.168.0.23 to 192.168.1.2 > icmp-type echoreq (max-src-conn-rate 1/2, overload <abusive_hosts> flush) > > I'm trying to avoid even standard pings and especially "ping -f". > > Additionally, I was wondering if there would be a way to block icmp > that's over a certain size. "ping -s". > > > Thanks in advance!!! >
