"Steve B" <[EMAIL PROTECTED]> writes: > I'm the one who started this thread. If I can block them for an hour without > a table that would be even better.
Sure, you could have a frequently running cron job which does a pfctl -t bruteforce -T expire 3600 (OpenBSD 4.1 onwards) or use expiretable. At the very bottom of http://home.nuug.no/~peter/pf/en/bruteforce.html I have examples of both. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.