On 2/9/11 10:00 PM, Vadym Chepkov wrote: > > > On Feb 9, 2011, at 5:00 AM, Damien Fleuriot wrote: > >> Looks like my previous message didn't make it to the list. >> >> >> @OP: nothing indicates that your table is getting populated correctly. >> >> While this doesn't address your main issue, you may want to install >> sshguard which will automatically blacklist attackers and populate a >> dedicated table. >> > > > Thanks for the suggestion, but as you said, it's a workaround. > I'd rather try to understand why something that suppose to work, does not. > Because this is something I have visibility to. What if something else > doesn't work as expected and I blindly trust it? > > Vadym >
>From one of your other messages in the thread, you seem to be afraid of lowering the PF limits too much that it would blacklist you too. With sshguard you could whitelist your own IPs, while configuring it to blacklist people after 5 failed attempts in a minute for example. That would achieve what you want to do here with the overload directive. _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
