The timestamp is reset when you flush and reload the table with
# pfctl -t bruteforce -Ts >/etc/bruteforce
# pfctl -t bruteforce -Tf
# pfctl -t bruteforce -Ta -f /etc/bruteforce
Hmm, that't bad that there is no way to clear address stats without
flushing the table. Actually, there is a fu
On 01/01/2006 04:32:46 AM, Cédric Berger wrote:
Hmm, that't bad that there is no way to clear address stats without
flushing the table. Actually, there is a function in the kernel and
pfctl library (pfr_clr_astats) - We just forgot to implement it in
the pfctl tool. If nobody beats me, I'll look
On Sun, 01 Jan 2006 11:32:46 +0100
Cédric Berger <[EMAIL PROTECTED]> wrote:
> /* clear two address */
> # pfctl -t bruteforce -T? 1.2.3.4 5.6.7.8
c
> /* clear all */
> # pfctl -t bruteforce -Ts | pfctl -t bruteforce -T? -f -
>
>
> I guess the hardest part would be
Daniel Hartmeier wrote:
The timestamp is reset when you flush and reload the table with
# pfctl -t bruteforce -Ts >/etc/bruteforce
# pfctl -t bruteforce -Tf
# pfctl -t bruteforce -Ta -f /etc/bruteforce
Hmm, that't bad that there is no way to clear address stats without
flushing the table
On Sat, Dec 31, 2005 at 07:43:27PM -0500, Elijah Savage wrote:
> If I create a rule like such
>
> table persist file "/etc/bruteforce"
>
> pass proto tcp from any to $www_mail port 22 flags S/SA keep state
> (max-src-conn 5, max-src-conn-rate 4/5, overload uteforce> flush)
>
>
> Will pf wri
All,
If I create a rule like such
table persist file "/etc/bruteforce"
pass proto tcp from any to $www_mail port 22 flags S/SA keep state
(max-src-conn 5, max-src-conn-rate 4/5, overload
uteforce> flush)
Will pf write to the file, I know everything works without writing to a
file. But say