Re: blocking openvpn port scanners

2018-12-22 Thread Stuart Henderson
On 2018-12-20, Steve Fairhead wrote:
> On 20/12/2018 13:20, tors...@cnc-london.net wrote:
>> Try to add below to your pf.conf
>>
>> table persist
>>
>> pass in on $ext_if inet proto tcp from any to $ext_if port 1194 \
>> (max-src-conn 10, max-src-conn-rate 30/5, \
>>

Re: blocking openvpn port scanners

2018-12-20 Thread Steve Fairhead
On 20/12/2018 13:20, tors...@cnc-london.net wrote:
> Try to add below to your pf.conf
> table persist
> pass in on $ext_if inet proto tcp from any to $ext_if port 1194 \
> (max-src-conn 10, max-src-conn-rate 30/5, \
> overload flush global)

This is pretty much exactly what I

Re: blocking openvpn port scanners

2018-12-19 Thread Peter N. M. Hansteen
On 12/19/18 10:26 PM, Steve Fairhead wrote:
> I already use pf.conf to protect my ssh port against such attacks
> (rate-limiting). Can I do anything similar with pf for the openvpn port?
> Don't want to block real users if they screw up once or twice...
> although they are few enough that I can

Re: blocking openvpn port scanners

2018-12-19 Thread Torsten
...@openbsd.org] On Behalf Of Steve Fairhead
Sent: 19 December 2018 21:27
To: misc@openbsd.org
Subject: blocking openvpn port scanners

I'm probably missing something obvious. Cluebats invited. A few OpenBSD servers I look after have OpenVPN server installed (for homeworkers' access), which means port

blocking openvpn port scanners

2018-12-19 Thread Steve Fairhead
I'm probably missing something obvious. Cluebats invited. A few OpenBSD servers I look after have OpenVPN server installed (for homeworkers' access), which means port 1194 is open. Recently they seem to have appeared on some scumbag's "hack this" list, as they're constantly deluged with