Security blocking question
Matthew Seaman
m.seaman at infracaninophile.co.uk
Sat Oct 10 07:12:54 UTC 2009
Svante Kvarnstrom wrote:
>
> On Oct 9, 2009, at 11:56 PM, Matthew Seaman wrote:
>
>> plus you'll need to add a cron job to clear old entries out of the
>> ssh-bruteforce
>> table after a suitable amount of time has passed. Use expiretable to do
>> that.
> I believe that security/expiretable is superfluous nowadays since pfctl
> supports the -T expire directive.
Yes -- that is true. Seems '-T expire' works in 7-STABLE and 7.1-RELEASE,
7.2-RELEASE -- not sure about older versions though.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20091010/177bc528/signature.pgp
More information about the freebsd-questions
mailing list