DragonFly bugs List (threaded) for 2006-09
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
Re: Another panic in 1.6.x
Petr Janda wrote:
My pf.conf is just a simple one:
ext_if="fxp0"
table <ssh-bruteforce>
block drop in quick on $ext_if from <ssh-bruteforce>
block in
pass out keep state
pass quick on { lo }
antispoof quick for { lo, fxp0 }
#pass in on $ext_if proto tcp to ($ext_if) port ssh \
# flags S/SA keep state \
# (max-src-conn-rate 3/30, overload <ssh-bruteforce> flush global)
pass in on $ext_if proto tcp to ($ext_if) port { ssh, smtp, imap, http,
domain } keep state
pass in on $ext_if proto udp to ($ext_if) port { domain } keep state
The commented section blocks script kiddies, unfortunately it doesnt
work in our PF version. Hence why its commented.
Don't you have any configuration section at all? (directives starting
with set)
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]