On 2020-01-24, [email protected] <[email protected]> wrote: > Hi All, > > Thanks to Jesper and Stuart, i'm using max-pkt-rate not! > > I'm also using max-src-conn-rate and overload in conjunction with authpf > and I'm worried that potentially valid traffic may get blocked. > > I'm wondering if it's a condoned/accepted/best practice to use cron with > pfctl to expire table entries that are over a certain age.
Yes, that is often required, "pfctl -T expire [number]" is for exactly this.
