All,
If I create a rule like such
table <bruteforce> persist file "/etc/bruteforce"
pass proto tcp from any to $www_mail port 22 flags S/SA keep state
(max-src-conn 5, max-src-conn-rate 4/5, overload <br
uteforce> flush)
Will pf write to the file, I know everything works without writing to a
file. But say I do not want to loose those addresses that have been
blocked to a unexpected crash or needing to reboot such a box for
hardware upgrade. Also if a policy has been put in place that gets
caught by this rule must be there for 30 days without a hit on it is
there anyway to tell when the last hit occurred?
--
http://www.digitalrage.org/
The Information Technology News Center
