From owner-freebsd-questions@FreeBSD.ORG Fri Oct 9 23:40:07 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A33881065672 for ; Fri, 9 Oct 2009 23:40:07 +0000 (UTC) (envelope-from sjk@ankeborg.nu) Received: from mail.three-dimensional.net (unknown [IPv6:2001:16d8:ffac:2::9]) by mx1.freebsd.org (Postfix) with ESMTP id 546B28FC08 for ; Fri, 9 Oct 2009 23:40:07 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.three-dimensional.net (Postfix) with ESMTP id 1831CFB16C for ; Sat, 10 Oct 2009 01:40:06 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at three-dimensional.net Received: from mail.three-dimensional.net ([127.0.0.1]) by localhost (mail.three-dimensional.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id n+-5Oa3-xLD9 for ; Sat, 10 Oct 2009 01:40:02 +0200 (CEST) Received: from [192.168.20.3] (host-90-232-94-234.mobileonline.telia.com [90.232.94.234]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: sjk@ankeborg.nu) by mail.three-dimensional.net (Postfix) with ESMTPSA id 5B752FB16B for ; Sat, 10 Oct 2009 01:40:01 +0200 (CEST) Message-Id: From: Svante Kvarnstrom To: freebsd-questions@freebsd.org In-Reply-To: <4ACFB17A.1080400@infracaninophile.co.uk> Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-1--200995796" Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Sat, 10 Oct 2009 01:39:54 +0200 References: <526808.11391.qm@web56207.mail.re3.yahoo.com> <4ACFB17A.1080400@infracaninophile.co.uk> X-Pgp-Agent: GPGMail 1.2.0 (v56) X-Mailer: Apple Mail (2.935.3) Subject: Re: Security blocking question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Oct 2009 23:40:07 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-1--200995796 Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable On Oct 9, 2009, at 11:56 PM, Matthew Seaman wrote: > plus you'll need to add a cron job to clear old entries out of the =20 > ssh-bruteforce > table after a suitable amount of time has passed. Use expiretable =20 > to do > that. I believe that security/expiretable is superfluous nowadays since =20 pfctl supports the -T expire directive. Best wishes, Svante Kvarnstr=F6m Mob.: +46 702 38 34 00 --Apple-Mail-1--200995796 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (Darwin) iD8DBQFKz8nNe5GlzNJGWIQRAlq+AJ9eWztuOrjCDRxVT0JFyU5Z+AMgAgCeIC88 PrQ8QLUrWJuN9a1uTkYwCwA= =NdG8 -----END PGP SIGNATURE----- --Apple-Mail-1--200995796--