From owner-freebsd-questions@FreeBSD.ORG Mon Oct 2 08:14:45 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BBA4516A412 for ; Mon, 2 Oct 2006 08:14:45 +0000 (UTC) (envelope-from idefix@fechner.net) Received: from michelle.lostinspace.de (michelle.lostinspace.de [62.146.248.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5714443D4C for ; Mon, 2 Oct 2006 08:14:43 +0000 (GMT) (envelope-from idefix@fechner.net) Received: from server.idefix.loc (ppp-82-135-68-99.dynamic.mnet-online.de [82.135.68.99]) (authenticated bits=0) by michelle.lostinspace.de (8.13.8/8.13.8) with ESMTP id k928Ea50060060 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 2 Oct 2006 10:14:41 +0200 (CEST) (envelope-from idefix@fechner.net) Received: from idefix by server.idefix.loc with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1GUIwe-0005U0-8m for freebsd-questions@freebsd.org; Mon, 02 Oct 2006 10:14:36 +0200 Date: Mon, 2 Oct 2006 10:14:36 +0200 From: Matthias Fechner To: freebsd-questions@freebsd.org Message-ID: <20061002081435.GB19542@server.idefix.loc> Mail-Followup-To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Crypto: GnuPG/1.0.6 http://www.gnupg.org X-GnuPG: 0x1B756EF6 User-Agent: Mutt/1.5.13 (2006-08-11) Sender: Matthias Fechner X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-2.0.2 (michelle.lostinspace.de [62.146.248.226]); Mon, 02 Oct 2006 10:14:42 +0200 (CEST) X-Virus-Scanned: ClamAV 0.88.4/1963/Mon Oct 2 08:18:26 2006 on michelle.lostinspace.de X-Virus-Status: Clean Subject: Problem with pf - bug? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: bsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Oct 2006 08:14:45 -0000 Hi, I added the following rules to my config for pf: table persist file "/usr/local/firewall/bruteforce" block in log quick inet from to any label "RULE 1 \ -- DROP " pass in log quick inet proto tcp from any to any port 22 flags \ S/AS modulate state ( max-src-conn 100 max-src-conn-rate 5/10, overload \ flush global ) label "RULE 2 -- ACCEPT " If I load the rules everything is fine but if I restart/reload the rules with the command (sudo /etc/rc.d/pf restart) the PC hangup compeletely. CTRL+ALT+del has no effect the only why to get the PC running again is pressing the reset button and do a manual filesystem check. Can anyone please help me? Best regards, Matthias -- "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning." -- Rich Cook