hi, the max-src-conn vs fuctionality is added at OpenBSD 3.7. Thus, you can use these rules with openbsd3.7 and later releases..
>From http://www.openbsd.org/37.html ; " Support limiting TCP connections by establishment rate, automatically adding flooding IP addresses to tables and flushing states (max-src-conn-rate, overload <table>, flush global). " 2005/9/5, Huzeyfe Onal <[EMAIL PROTECTED]>: > > hi, > the max-src-conn vs fuctionality is added at OpenBSD 3.7. Thus, you can use > these rules with openbsd3.7 and later releases.. > From http://www.openbsd.org/37.html > " Support limiting TCP connections by establishment rate, automatically > adding flooding IP addresses to tables and flushing states > (max-src-conn-rate, overload <table>, flush global). " > > > 2005/9/5, ed <[EMAIL PROTECTED]>: > > > Hello, > > > > On an openbsd 3.7 install the following rule will work yet not on a 3.6, > > is there a difference in the way the rule should be declared, or if pf > > can be upgraded, how should I do this? > > > > ext_if=xl0 > > ext_network=1.2.3.4/5 > > > > pass in on $ext_if proto tcp from any to $ext_network port {22,3389} > > keep state ( max-src-conn 3, max-src-conn-rate 2/5, overload <abuse_src> > > flush global ) > > > > > > > > -- > > http://edd.link9.net - http://irc.is-cool.net > > > > > > -- > Huzeyfe ÖNAL > --- > First Turkish Qmail book is out! Go check it. > Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. > http://www.acikakademi.com/catalog/qmail/ > -- Huzeyfe ÖNAL --- First Turkish Qmail book is out! Go check it. Duydunuz mu! Turkiye'nin ilk Qmail kitabi cikti. http://www.acikakademi.com/catalog/qmail/
