From owner-freebsd-stable@FreeBSD.ORG Tue Apr 11 11:35:28 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF1FC16A403 for ; Tue, 11 Apr 2006 11:35:28 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id E5E1643D46 for ; Tue, 11 Apr 2006 11:35:27 +0000 (GMT) (envelope-from doconnor@gsoft.com.au) Received: from inchoate.gsoft.com.au (ppp222-116.lns2.adl4.internode.on.net [203.122.222.116]) (authenticated bits=0) by cain.gsoft.com.au (8.13.5/8.13.4) with ESMTP id k3BBZDdZ038744 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 11 Apr 2006 21:05:13 +0930 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: freebsd-stable@freebsd.org Date: Tue, 11 Apr 2006 21:05:02 +0930 User-Agent: KMail/1.9.1 References: <443B6FC8.8080503@egonflower.com> In-Reply-To: <443B6FC8.8080503@egonflower.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart10664525.Hyudp35kP9"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200604112105.09788.doconnor@gsoft.com.au> X-Spam-Score: 0 () X-Scanned-By: MIMEDefang 2.56 on 203.31.81.10 Cc: Matteo 'egon' Baldi Subject: Re: bruteforce X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Apr 2006 11:35:28 -0000 --nextPart10664525.Hyudp35kP9 Content-Type: text/plain; charset="iso-8859-15" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday 11 April 2006 18:28, Matteo 'egon' Baldi wrote: > gate# pfctl -f /etc/pf.conf > /etc/pf.conf:48: illegal timeout name max-src-conn-rate > pfctl: Syntax error in config file: pf rules not loaded Your version of FreeBSD is too old and has a version of pf that pre-dates t= his=20 feature. I suggest an upgrade to RELENG_6 or wait until 6.1 comes out. PS here is a page with how I do it..=20 http://www.gsoft.com.au/~doconnor/brute-force-mitigation.html (With a script to expire IPs from the table) =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart10664525.Hyudp35kP9 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQBEO5Rt5ZPcIHs/zowRAvQvAJ9s0T7Jmh4QIqncNIxnOuWE1bVG4QCeMSNS +wRI/U0KWy31KzuyfK8zRaA= =zQmF -----END PGP SIGNATURE----- --nextPart10664525.Hyudp35kP9--