PF syntax error
yury.michurin at gmail.com
Wed Oct 15 14:05:14 PDT 2008
I have in my pf.conf:
pass in proto tcp from !<ABUSERS> to any port www flags S/SA synproxy state
(max-src-conn 20, max-src-conn-rate 30/60, overload <ABUSERS> flush global)
and it seems to work just fine...
On Wed, Oct 15, 2008 at 7:00 PM, Peter Clark <clarkp at mtmary.edu> wrote:
> I am not sure if I should be here or over at a pf specific list but here is
> my problem.
> I am trying my hand at pf on a 7.0-p5 RELEASE box and one rule is giving me
> pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA \
> (max-src-conn 15, max-src-conn-rate 5/3, overload <bruteforce> flush
> Actually the "pass in" line does not generate the error. The next line
> /etc/pf.conf:71: syntax error
> If I remove the line the error goes away (obviously). I have tried using
> the exact line from the FreeBSD pf.conf man page:
> (max-src-conn-rate 100/10, overload <bad_hosts> flush global)
> (I changed <bad_hosts> to <bruteforce>) and that generates the same error. I
> tried just using:
> (max-src-conn-rate 100/10)
> but that too gives me a syntax error.
> Any help is appreciated.
> Peter Clark
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
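
Added example, not part of the thread: in the pf.conf(5) grammar a parenthesized option list belongs to a keep state, modulate state or synproxy state keyword on the same logical line, which is the shape of the rule in the reply. This sketch flags option lists that stand alone or lack that keyword; the function names and SAMPLE are constructed for illustration, and `pfctl -n -f /etc/pf.conf` remains the authoritative parse check.

```python
import re

# pf.conf attaches "( ... )" state options to one of these keywords.
STATE_KW = re.compile(r"\b(?:keep|modulate|synproxy)\s+state$")
# An opening paren whose group names one of the options used in this thread.
STATE_OPT = re.compile(r"\((?=[^)]*\b(?:max-src-conn(?:-rate)?|overload)\b)")

def logical_lines(text):
    """Yield (first_line_no, statement), joining backslash-continued lines."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()  # simplification: '#' starts a comment
        start = no if start is None else start
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        stmt = " ".join((buf + line).split())
        if stmt:
            yield start, stmt
        buf, start = "", None

def check(text):
    """Return [(line_no, problem)] for option lists pf would not accept."""
    findings = []
    for no, stmt in logical_lines(text):
        m = STATE_OPT.search(stmt)
        before = stmt[:m.start()].rstrip() if m else None
        if before == "":
            findings.append((no, "option list stands alone; rule above has no trailing backslash"))
        elif m and not STATE_KW.search(before):
            findings.append((no, "option list not preceded by keep/modulate/synproxy state"))
    return findings

# Constructed sample, not the poster's file.
SAMPLE = r"""
# 1: option list on its own line, rule line not continued
pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA
(max-src-conn-rate 100/10, overload <bruteforce> flush global)
# 2: continued, but no state keyword in front of the options
pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA \
    (max-src-conn 15, max-src-conn-rate 5/3, overload <bruteforce> flush global)
# 3: state keyword directly before the options
pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA keep state \
    (max-src-conn 15, max-src-conn-rate 5/3, overload <bruteforce> flush global)
"""

if __name__ == "__main__":
    for no, problem in check(SAMPLE):
        print(f"line {no}: {problem}")
```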