Date: Sun, 21 Aug 2005 22:12:45 -0500 From: "Jason" <Jason@WinSE.ath.cx> To: <freebsd-pf@freebsd.org> Subject: Support for max-src-conn, max-src-conn-rate, overload Message-ID: <NPEBKJIDMDBPHOLKGGBAGEOICCAA.Jason@WinSE.ath.cx>
next in thread | raw e-mail | index | archive | help
I have noticed that these features of PF are supported in OpenBSD's pf, but
not FreeBSD's pf. Is there any patch to add them, or plan to add support
for them in the future? Have I done something wrong? Thanks.
max-src-conn number
max-src-conn-rate number / interval
overload <table>
flush [global]
Example of usage from the OpenBSD PF manual:
table <abusive_hosts> persist
block in quick from <abusive_hosts>
pass in on $ext_if proto tcp to $web_server \
port www flags S/SA keep state \
(max-src-conn 100, max-src-conn-rate 15/5, overload <abusive_hosts>
flush)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NPEBKJIDMDBPHOLKGGBAGEOICCAA.Jason>