promt solution with max-src-conn-rate
Scott Ullrich
sullrich at gmail.com
Tue May 16 01:29:31 UTC 2006
On 5/15/06, Max Laier <max at love2party.net> wrote:
> You have to be aware that this otoh might open you to DoS attacks. People
> spoofing connections from your address will lock you out from your own
> server.
An alternative is available for PF that monitors the ssh syslog.
Take a look at:
http://pfsense.com/cgi-bin/cvsweb.cgi/tools/pfPorts/sshlockout_pf/files/sshlockout_pf.c?rev=1.1
Scott
More information about the freebsd-pf
mailing list