Security blocking question

Matthew Seaman m.seaman at
Sat Oct 10 07:12:54 UTC 2009

Svante Kvarnstrom wrote:
> On Oct 9, 2009, at 11:56 PM, Matthew Seaman wrote:
>> plus you'll need to add a cron job to clear old entries out of the 
>> ssh-bruteforce
>> table after a suitable amount of time has passed.  Use expiretable to do
>> that.

> I believe that security/expiretable is superfluous nowadays since pfctl 
> supports the -T expire directive.

Yes -- that is true.  Seems '-T expire' works in 7-STABLE and 7.1-RELEASE,
7.2-RELEASE -- not sure about older versions though.



Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP:     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url :

More information about the freebsd-questions mailing list