Date: Fri, 15 Jun 2012 16:17:06 -0000 From: "Shiv. Nath" <prabhpal@digital-infotech.net> To: freebsd-stable@FreeBSD.ORG Subject: PF to Preventing SMTP Brute Force Attacks Message-ID: <4360846ab93b3a2b1968ee0f262cf148.squirrel@mail.digital-infotech.net>
next in thread | raw e-mail | index | archive | help
Hi FreeBSD Gurus, i want to use PF to Preventing SMTP Brute Force Attacks. i need some help to understand correct syntax. URL Explaining this: http://www.openbsd.org/faq/pf/filter.html#stateopts i expect the following behavior from the PF rule below: Limit the absolute maximum number of states that this rule can create to 200 Enable source tracking; limit state creation based on states created by this rule only Limit the maximum number of nodes that can simultaneously create state to 100 Limit the maximum number of simultaneous states per source IP to 3 Solution: int0="em0" trusted_tcp_ports="{22,25,443,465}" pass in on $int0 proto tcp from any to any port $trusted_tcp_ports keep state max 200, source-track rule, max-src-nodes 100, max-src-states 3 please help .. Thanks / Regards
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4360846ab93b3a2b1968ee0f262cf148.squirrel>