From owner-freebsd-questions@FreeBSD.ORG Wed Oct 15 21:05:14 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDF891065690 for ; Wed, 15 Oct 2008 21:05:13 +0000 (UTC) (envelope-from yury.michurin@gmail.com) Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.29]) by mx1.freebsd.org (Postfix) with ESMTP id A47D98FC20 for ; Wed, 15 Oct 2008 21:05:13 +0000 (UTC) (envelope-from yury.michurin@gmail.com) Received: by yx-out-2324.google.com with SMTP id 8so689276yxb.13 for ; Wed, 15 Oct 2008 14:05:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type:references; bh=o7itREG0HnoxeZbOO/PX2T2CBP/LNy8uJWk9UzoTyJc=; b=fbKyoo2692a12LArUpV92IwrgwDNdz/fD8B7yBc3kvMxUzr8JQDL0/fS7jSOCA5fF3 4iNv6wbOKNym5T/2V8zA+5rje9Ovjou5sNuignhlvMWtFqXvnRSrapadMj2GSnaPOXzk vRlWiPzWixcDGERISRNNew5wk4qwVh82tzk8w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=JytHyPGqCEK0mjbx/0N1p7F3rf3Pa0jMvIxxtIkdUoRsTo7bjucWVRZ1nJ/SlBNx5Q NtNYl6GJAY/MMtApAszAWXapqGl4TgOhsq9SojmUkJ7rlR/tZFg0QR/lbHJ8r8j8vAGV 0LNZyv09isGoaTmqDCZqGLuJVGZ2CX2hDAkQI= Received: by 10.100.232.18 with SMTP id e18mr1732062anh.85.1224104712810; Wed, 15 Oct 2008 14:05:12 -0700 (PDT) Received: by 10.100.122.10 with HTTP; Wed, 15 Oct 2008 14:05:12 -0700 (PDT) Message-ID: <692c9a9f0810151405t3e573cfs3fd4d2a801110c89@mail.gmail.com> Date: Wed, 15 Oct 2008 23:05:12 +0200 From: "Yury Michurin" To: "Peter Clark" In-Reply-To: <48F621C2.8080405@mtmary.edu> MIME-Version: 1.0 References: <48F621C2.8080405@mtmary.edu> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: FreeBSD Questions Subject: Re: PF syntax error X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Oct 2008 21:05:14 -0000 Hello, I have in my pf.conf: pass in proto tcp from ! to any port www flags S/SA synproxy state (max-src-conn 20, max-src-conn-rate 30/60, overload flush global) and it seems to work just fine... Regards, Yury. On Wed, Oct 15, 2008 at 7:00 PM, Peter Clark wrote: > Hello, > > I am not sure if I should be here or over at a pf specific list but here is > my problem. > > I am trying my hand at pf on a 7.0-p5 RELEASE box and one rule is giving me > problems. > > pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA \ > (max-src-conn 15, max-src-conn-rate 5/3, overload flush > global) > > Actually the "pass in" line does not generate the error. The next line > does. > > /etc/pf.conf:71: syntax error > If I remove the line the error goes away (obviously). I have tried using > the exact line from the FreeBSD pf.conf man page: > > (max-src-conn-rate 100/10, overload flush global) > > (I changed to )and that generates the same error. I > tried just using: > (max-src-conn-rate 100/10) > > but that too gives me a syntax error. > > Any help is appreciated. > > Peter Clark > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >