Date: Tue, 28 Nov 2006 13:45:14 -0800
From: "Jon Simola" <jsimola@gmail.com>
To: "Charles Lacroix" <clacroix@cegep-ste-foy.qc.ca>
Cc: FreeBSD <freebsd-pf@freebsd.org>
Subject: Re: Question about pf
Message-ID: <8eea04080611281345m5a2587a8i8acfe5a0d219a8f3@mail.gmail.com>
In-Reply-To: <200611281632.05280.clacroix@cegep-ste-foy.qc.ca>
References: <200611281632.05280.clacroix@cegep-ste-foy.qc.ca>

On 11/28/06, Charles Lacroix <clacroix@cegep-ste-foy.qc.ca> wrote:
> table <badhosts> {} persist
> block quick on $ext_if proto tcp from <badhosts> to $external_addr port 23
> pass in on $ext_if proto tcp to $external_addr port 23 flags S/SA modulate \
> state (max-src-conn-rate 5/60, overload <badhosts> flush global)
>
> 1. What I wanted to do is make sure the IPs get unbanned after, let's say, 30
> minutes or so.
You need an external utility; http://expiretable.fnord.se/ is one I've
looked at, and there are a couple of other similar ones.
> 2. When my IP gets into badhosts, most of my current ssh connections hang.
> It's kinda strange since my block rule is specific to the telnet port.
That's exactly what you've asked pf to do with "flush global".
--
Jon
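The two points in this reply as a pf.conf fragment, added here as an example that is not part of the original message: the quoted ruleset with `flush` in place of `flush global`, plus one way to age entries out of the table. The interface name and address are constructed placeholders, and the cron line assumes a pfctl that supports `-T expire`, which the thread does not mention.

```conf
# Constructed placeholders; the thread does not show the real values.
ext_if = "em0"
external_addr = "192.0.2.10"

table <badhosts> persist

# Hosts in <badhosts> are refused on the telnet port only.
block quick on $ext_if proto tcp from <badhosts> to $external_addr port 23

# The rule as posted ended in "overload <badhosts> flush global".
# "flush global" kills every state originating from the offending source,
# whichever rule created it, which is why its ssh sessions hang as well.
# Plain "flush" kills only the states created by this rule, so the
# telnet sessions are dropped and other traffic from that source survives.
pass in on $ext_if proto tcp to $external_addr port 23 flags S/SA modulate \
    state (max-src-conn-rate 5/60, overload <badhosts> flush)

# Unbanning is done outside pf.conf. Example /etc/crontab entry (assumption:
# this pfctl supports "-T expire", which deletes table addresses whose
# statistics were last cleared more than the given number of seconds ago):
# */5 * * * * root /sbin/pfctl -t badhosts -T expire 1800
```

With a five-minute cron interval an address stays in the table for between 30 and 35 minutes after it was added.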
