Date:      Wed, 15 Jan 2020 23:02:29 +0300
From:      Özkan KIRIK <ozkan.kirik@gmail.com>
To:        freebsd-pf@freebsd.org
Subject:   Usage of global tables and anchor
Message-ID:  <CAAcX-AEWaRBitMwtiXPUXKMVTxoWQ1LOr%2BXm5OuMoWG2jdF_QA@mail.gmail.com>

Hi,

I'm trying to use overload tables using global tables within anchors.
Sample ruleset is shown below:

table <bruteforce> persist
block quick from <bruteforce>

pass in proto tcp to port ssh modulate state \
  (max-src-conn-rate 5/3, overload <bruteforce> flush global)

anchor "ftp" {
  pass in proto tcp to port ftp modulate state \
    (max-src-conn 2, overload <bruteforce> flush global )
  pass in proto tcp to port { 40000:50000 }
  pass out proto tcp to port ftp
}

But I get the error below:
pfctl: warning: namespace collision with <bruteforce> global table.

I saw that pf created a new table instance in anchor "ftp", even though there
is no table declaration in the anchor.

# pfctl -sT
bruteforce

# pfctl -sT -a ftp
bruteforce

How can I use global tables for overload in anchors?

Regards


