Date: Tue, 11 Apr 2006 10:58:48 +0200
From: Matteo 'egon' Baldi <ml@egonflower.com>
To: freebsd-stable@freebsd.org
Subject: bruteforce
Message-ID: <443B6FC8.8080503@egonflower.com>

Hi,

I'm trying to find a solution to bruteforce attacks, mostly on port 22, without moving services to different ports.

I've tried something similar to this:

    table <ssh-bruteforce> persist
    block in quick from <ssh-bruteforce>
    pass in on $ext_if proto tcp from any to ($ext_if) port ssh \
        flags S/SA keep state \
        (max-src-conn-rate 3/30, overload <ssh-bruteforce> flush global
    block drop in quick on $ext_if from <ssh-bruteforce>

but I get:

    gate# pfctl -f /etc/pf.conf
    /etc/pf.conf:48: illegal timeout name max-src-conn-rate
    pfctl: Syntax error in config file: pf rules not loaded

Where do I go wrong?

egon.

---------------------------
kernel options:

    # PF Support
    options IPSEC
    device pf
    device pflog
    device pfsync
    options QUOTA
    #ALTQ Support
    options ALTQ
    options ALTQ_CBQ
    options ALTQ_RED
    options ALTQ_RIO
    options ALTQ_HFSC
    options ALTQ_CDNR
    options ALTQ_PRIQ
---------------------------

-- 
You are not your job. You're not how much money you have in the bank.
You're not the car you drive. You're not the contents of your wallet.
You're not your fucking khakis. You are the all-singing, all-dancing
crap of the world...

http://www.015-bsd.org info@015-bsd.org
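
Added example, not part of the original e-mail and not pf's own code: a simplified model of what the max-src-conn-rate 3/30 and overload <ssh-bruteforce> options in the rule above are meant to achieve. It assumes an exact 30-second sliding window (pf's own rate accounting may differ); the function name, addresses and timestamps are constructed for illustration.

```python
from collections import defaultdict, deque

MAX_CONN = 3   # from the rule in the message: max-src-conn-rate 3/30
WINDOW = 30    # seconds


def simulate(events, max_conn=MAX_CONN, window=WINDOW):
    """Replay (timestamp, source) connection attempts, sorted by time.

    Returns (table, decisions). `table` models <ssh-bruteforce>;
    each decision is (timestamp, source, "pass" | "overload" | "block").
    """
    recent = defaultdict(deque)   # per-source timestamps still in the window
    table = set()
    decisions = []
    for ts, src in events:
        if src in table:
            # "block in quick from <ssh-bruteforce>" matches before the pass rule
            decisions.append((ts, src, "block"))
            continue
        q = recent[src]
        while q and ts - q[0] >= window:
            q.popleft()           # forget connections older than the window
        q.append(ts)
        if len(q) > max_conn:
            table.add(src)        # overload <ssh-bruteforce>
            del recent[src]       # stands in for "flush global"
            decisions.append((ts, src, "overload"))
        else:
            decisions.append((ts, src, "pass"))
    return table, decisions


# Constructed sample: one fast source and one slow source (documentation IPs).
SAMPLE = [
    (0, "192.0.2.10"), (1, "198.51.100.7"), (2, "192.0.2.10"),
    (4, "192.0.2.10"), (5, "192.0.2.10"), (6, "192.0.2.10"),
    (21, "198.51.100.7"), (41, "198.51.100.7"), (61, "198.51.100.7"),
]

if __name__ == "__main__":
    table, decisions = simulate(SAMPLE)
    for ts, src, verdict in decisions:
        print(f"{ts:>3}s {src:<14} {verdict}")
    print("table <ssh-bruteforce>:", sorted(table))
```

The source that opens four connections within five seconds lands in the table on its fourth attempt and is blocked from then on, while the source connecting every 20 seconds is never affected.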