* Peter Fraser <[email protected]> [2009-07-08 19:45]: > I noticed the new "match" keyword in pf. > > Will it help with this problem. > > I constantly have bad guys sweeping though all > the addresses in my class C network, trying > things like ssh. > > I would like to notice these bad guys and > block them. > > The obvious method of add them to a queue and > Using "overload" to block the source IP can > not be used (with the current 4.5 version of pf > since you cannot add a packet to a queue that > is blocked.
yes it'll work. that doesn't mean it makes sense tho. -- Henning Brauer, [email protected], [email protected] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
