Question about pf

Charles Lacroix clacroix at cegep-ste-foy.qc.ca
Tue Nov 28 13:33:03 PST 2006


Hi,

I read some of the pf.conf man page and I found something really neat for my
servers. It's not 100% what I need but very close and I was hoping you pf
gurus could help me out with this one.

I have created the following rules and I have 2 small problems.

table <badhosts> {} persist
block quick on $ext_if proto tcp from <badhosts> to $external_addr port 23

pass in on $ext_if proto tcp to $external_addr port 23 flags S/SA modulate \
    state (max-src-conn-rate 5/60, overload <badhosts> flush global)


1. What I wanted to do is make sure the IPs get unbanned after, let's say, 30
minutes or so.

2. When my IP gets into badhosts, most of my current ssh connections hang.
It's kinda strange since my block rule is specific to the telnet port.


Any ideas/comments?

Thanks
Charles
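
Added example, not part of the original post and not pf code: a simplified Python model of the two rules above. It shows that "flush global" removes every state from the overloaded source, whichever rule created it, while plain "flush" removes only states created by the port 23 rule, and how age-based table expiry (as done by "pfctl -t badhosts -T expire 1800" on pfctl versions that support it) unbans the address. The class and function names, the sliding-window rate check, the sample address and the assumption that ssh is passed by some other rule are all made up for illustration.

```python
# Simplified model (added example, not pf source code) of a pass rule with
# max-src-conn-rate N/T, overload <badhosts>, and flush / flush global.
from collections import defaultdict, deque

class PfModel:
    def __init__(self, limit=5, window=60, flush_global=True):
        self.limit, self.window, self.flush_global = limit, window, flush_global
        self.states = []                   # (src, dst_port, label of creating rule)
        self.recent = defaultdict(deque)   # src -> times of tracked port 23 connections
        self.badhosts = {}                 # src -> time it was added to the table

    def connect(self, now, src, port):
        """Return True if the connection is passed and a state is created."""
        if port == 23:
            if src in self.badhosts:       # block quick ... from <badhosts> ... port 23
                return False
            q = self.recent[src]
            q.append(now)
            while q and q[0] <= now - self.window:
                q.popleft()                # assumption: plain sliding window
            if len(q) > self.limit:        # rate exceeded: overload, then flush
                self.badhosts[src] = now
                self.states = [s for s in self.states if s[0] != src or
                               (not self.flush_global and s[2] != "telnet")]
                return False
            self.states.append((src, port, "telnet"))
            return True
        self.states.append((src, port, "other"))  # assumed: passed by another rule
        return True

    def expire(self, now, age):
        """Model of table expiry: drop entries added more than `age` seconds ago."""
        self.badhosts = {h: t for h, t in self.badhosts.items() if now - t <= age}

def surviving_ssh(flush_global):
    """Count ssh states left after one source trips the 5/60 limit on port 23."""
    pf = PfModel(flush_global=flush_global)
    src = "192.0.2.10"                     # constructed documentation address
    pf.connect(0, src, 22)
    pf.connect(1, src, 22)
    for t in range(2, 8):                  # six port 23 connections in six seconds
        pf.connect(t, src, 23)
    return sum(1 for s in pf.states if s[0] == src and s[1] == 22), pf
```

In the model, the block rule still only refuses new port 23 connections; the ssh sessions are lost because their states are flushed, not because they are blocked.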


More information about the freebsd-pf mailing list