Stuart Henderson wrote:
On 2007/05/01 09:04, Chris Cameron wrote:
pf_src_connlimit: blocking address xx.xx.xx.xx, 7 states killed
Can someone point me to where I can read about this? I'd like to know
how it decides to block the IP, how I can change it and at what point
this block times out (which it seems to do).
pf.conf(5): max-src-conn
This looks to be only for rules, not the entire firewall.
I only use this for my SSH rule, which doesn't block all traffic from
that IP (which is what I'm seeing now).
What I'm running into blocks this IP entirely, and doesn't log anything.
This shouldn't be possible with my ruleset.
Chris
