Date: Thu, 28 Sep 2006 14:23:51 -0400
From: John Baldwin <jhb@freebsd.org>
To: Thierry Thomas <thierry@freebsd.org>
Cc: freebsd-chat@freebsd.org
Subject: Re: Party
Message-ID: <200609281423.52065.jhb@freebsd.org>
In-Reply-To: <20060928151429.GP1654@graf.pompo.net>
References: <20060920104047.GA49442@splork.wirewater.yow> <200609281019.42614.jhb@freebsd.org> <20060928151429.GP1654@graf.pompo.net>

On Thursday 28 September 2006 11:14, Thierry Thomas wrote:
> On Thu 28 Sep 06 at 16:19:42 +0200, John Baldwin <jhb@freebsd.org>
> wrote:
>
> > ports/security/bruteblock (there's another one for pf, this one is for ipfw)
>
> No need for an external tool with pf. Just add this kind of rule:
>
> table <ssh-bruteforce> persist
> block in quick from <ssh-bruteforce>
> pass in quick on $ext_if inet proto tcp from any to ($ext_if) \
>         port 22 flags S/SA keep state \
>         ( max-src-conn-rate 2/10, overload <ssh-bruteforce> flush global)

Depends.  I only want to block bad connections.  I don't want to lock myself
out if I happen to open too many ssh session terminals at work. :)

-- 
John Baldwin

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200609281423.52065.jhb>
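
Added example, not part of the original message and not code from pf or bruteblock: a simplified sliding-window model of the quoted `max-src-conn-rate 2/10` rule next to a failed-login counter, run over constructed events, showing why the rate rule also catches a legitimate user who opens several sessions quickly. The event list, the function names and the failure thresholds (3 failures in 60 s) are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed sample events: (time in seconds, source IP, login succeeded?)
EVENTS = [
    (0, "198.51.100.7", True),    # admin opens three terminals in a row
    (3, "198.51.100.7", True),
    (6, "198.51.100.7", True),
    (20, "203.0.113.9", False),   # password guesser
    (22, "203.0.113.9", False),
    (24, "203.0.113.9", False),
    (26, "203.0.113.9", False),
]


def _count_in_window(queue, ts, window):
    """Append ts, drop entries older than the window, return what is left."""
    queue.append(ts)
    while queue and queue[0] <= ts - window:
        queue.popleft()
    return len(queue)


def rate_blocked(events, limit=2, window=10):
    """Sources that exceed `limit` new connections per `window` seconds.

    Simplified model of max-src-conn-rate 2/10 with overload: every new
    connection counts, whether or not the login succeeded.
    """
    recent, blocked = defaultdict(deque), set()
    for ts, src, _ok in events:
        if src not in blocked and _count_in_window(recent[src], ts, window) > limit:
            blocked.add(src)
    return blocked


def failure_blocked(events, max_failures=3, window=60):
    """Sources with `max_failures` failed logins inside `window` seconds.

    Assumed thresholds; successful logins are never counted.
    """
    fails, blocked = defaultdict(deque), set()
    for ts, src, ok in events:
        if ok or src in blocked:
            continue
        if _count_in_window(fails[src], ts, window) >= max_failures:
            blocked.add(src)
    return blocked
```

With the constructed events, the rate model blocks both the admin and the guesser, while the failure counter blocks only the guesser.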