Party

John Baldwin jhb at freebsd.org
Thu Sep 28 11:44:38 PDT 2006


On Thursday 28 September 2006 11:14, Thierry Thomas wrote:
> On Thu 28 Sep 06 at 16:19:42 +0200, John Baldwin <jhb at freebsd.org>
>  wrote:
> 
> > ports/security/bruteblock (there's another one for pf, this one is for ipfw)
> 
> No need for an external tool with pf. Just add this kind of rule:
> 
> table <ssh-bruteforce> persist
> block in quick from <ssh-bruteforce>
> pass in quick on $ext_if inet proto tcp from any to ($ext_if) \
>    port 22 flags S/SA keep state \
>    ( max-src-conn-rate 2/10, overload <ssh-bruteforce> flush global)

Depends.  I only want to block bad connections.  I don't want to lock myself 
out if I happen to open too many ssh session terminals at work. :)

-- 
John Baldwin
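
The distinction drawn in this message, as an added example that is not part of the original post and is not bruteblock's code: count failed sshd authentications per source rather than connections, so a host that opens many successful sessions is never flagged. The log lines are constructed, and the function name, threshold, window and year default are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd syslog lines using documentation addresses (not real data).
SAMPLE_LOG = """\
Sep 28 11:40:01 gw sshd[811]: Accepted publickey for jhb from 198.51.100.7 port 50001 ssh2
Sep 28 11:40:02 gw sshd[812]: Accepted publickey for jhb from 198.51.100.7 port 50002 ssh2
Sep 28 11:40:03 gw sshd[813]: Accepted publickey for jhb from 198.51.100.7 port 50003 ssh2
Sep 28 11:41:00 gw sshd[820]: Failed password for invalid user admin from 192.0.2.10 port 4001 ssh2
Sep 28 11:41:02 gw sshd[821]: Failed password for root from 192.0.2.10 port 4002 ssh2
Sep 28 11:41:05 gw sshd[822]: Failed password for invalid user x from 198.51.100.7 port 22 ssh2 from 192.0.2.10 port 4003 ssh2
Sep 28 11:45:00 gw sshd[830]: Failed password for jhb from 203.0.113.5 port 6001 ssh2
"""

# The user name is attacker-controlled and may contain " from <addr> port <n>",
# so the greedy ".*" plus the "$" anchor bind the capture to the LAST
# "from ... port" pair, which is the one sshd itself appended.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?.* from (\S+) port \d+(?: ssh2)?$"
)

def offenders(log_text, max_failures=3, window_s=60, year=2006):
    """Return sources with >= max_failures failed logins inside window_s seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # source address -> timestamps of recent failures
    flagged = set()
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and other messages never count
        # Syslog timestamps carry no year, so one is assumed for parsing.
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        q = recent[m.group(2)]
        q.append(when)
        while when - q[0] > window:
            q.popleft()           # forget failures that fell out of the window
        if len(q) >= max_failures:
            flagged.add(m.group(2))
    return sorted(flagged)

if __name__ == "__main__":
    for ip in offenders(SAMPLE_LOG):
        print(ip)                 # candidates for a firewall block table
```

On the sample, the host with three successful logins in three seconds is not listed, and the failed attempt whose user name embeds that host's address is still attributed to the real source.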

