Date:      Thu, 28 Sep 2006 17:14:29 +0200
From:      Thierry Thomas <thierry@FreeBSD.org>
To:        John Baldwin <jhb@freebsd.org>
Cc:        freebsd-chat@freebsd.org
Subject:   Re: Party
Message-ID:  <20060928151429.GP1654@graf.pompo.net>
In-Reply-To: <200609281019.42614.jhb@freebsd.org>
References:  <20060920104047.GA49442@splork.wirewater.yow> <5dc6f198bfa0075cef0c190d90351273@FreeBSD.org> <200609271926.14172.soralx@cydem.org> <200609281019.42614.jhb@freebsd.org>

On Thu 28 Sep 06 at 16:19:42 +0200, John Baldwin <jhb@freebsd.org> wrote:

> ports/security/bruteblock (there's another one for pf, this one is for ipfw)

No need for an external tool with pf. Just add this kind of rule:

table <ssh-bruteforce> persist
block in quick from <ssh-bruteforce>
pass in quick on $ext_if inet proto tcp from any to ($ext_if) \
   port 22 flags S/SA keep state \
   ( max-src-conn-rate 2/10, overload <ssh-bruteforce> flush global)

[Tip found at <http://beta.gcu.info/> (a French site)]
-- 
Th. Thomas.
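
Added example (not part of the message above, and not pf's own code): a simplified sliding-window model in Python of what `max-src-conn-rate 2/10` with `overload <ssh-bruteforce>` does to a stream of connections. pf's internal rate accounting differs in detail; the `simulate` function and the sample events are constructed for illustration.

```python
from collections import defaultdict, deque

# Parameters taken from the rule in the message: max-src-conn-rate 2/10
LIMIT, WINDOW = 2, 10

# Constructed sample input: (seconds since start, source address) for each
# completed TCP connection to port 22. Addresses are documentation ranges.
SAMPLE = [
    (0, "192.0.2.10"), (1, "198.51.100.7"), (2, "198.51.100.7"),
    (3, "198.51.100.7"), (4, "198.51.100.7"), (6, "192.0.2.10"),
    (30, "192.0.2.10"), (31, "203.0.113.5"), (45, "203.0.113.5"),
]

def simulate(events, limit=LIMIT, window=WINDOW):
    """Return (table, verdicts): the sources that end up in the overload
    table and a per-connection verdict ("pass", "overload" or "block")."""
    recent = defaultdict(deque)   # source -> timestamps inside the window
    table = set()                 # stands in for <ssh-bruteforce>
    verdicts = []
    for ts, src in sorted(events):
        if src in table:          # "block in quick from <ssh-bruteforce>"
            verdicts.append((ts, src, "block"))
            continue
        q = recent[src]
        while q and ts - q[0] >= window:
            q.popleft()           # forget connections older than the window
        q.append(ts)
        if len(q) > limit:        # rate exceeded: "overload <ssh-bruteforce>"
            table.add(src)
            del recent[src]       # "flush global" also kills the source's
                                  # states; the model just drops its history
            verdicts.append((ts, src, "overload"))
        else:
            verdicts.append((ts, src, "pass"))
    return table, verdicts

if __name__ == "__main__":
    table, verdicts = simulate(SAMPLE)
    for ts, src, verdict in verdicts:
        print(f"t={ts:>3}s {src:<15} {verdict}")
    print("table:", sorted(table))
```

Because the table is declared `persist` and nothing in the rule set removes entries, a source that trips the limit stays blocked until the table is cleared or its entries are expired.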


