Re: Rule last match timestamp

2019-12-27 Thread Kristof Provost
On 27 Dec 2019, at 21:49, Franco Fichtner wrote: Hi, On 27. Dec 2019, at 6:45 PM, Kristof Provost wrote: What are you trying to accomplish? Some people believe that "last match" is a great metric to audit rules for intrusion detection and all sorts of ruleset optimisation and refinement. I

Re: Rule last match timestamp

2019-12-27 Thread Franco Fichtner
Hi,

> On 27. Dec 2019, at 6:45 PM, Kristof Provost wrote:
>
> What are you trying to accomplish?

Some people believe that "last match" is a great metric to audit rules for intrusion detection and all sorts of ruleset optimisation and refinement. In OPNsense the question has popped up a few times

Re: Rule last match timestamp

2019-12-27 Thread Kristof Provost
On 26 Dec 2019, at 1:20, Özkan KIRIK wrote:

> Hi,
>
> I need last match timestamps for each rule. ipfw has an option for this.
> But pfctl -v -sr command doesn't show last match timestamp.
> Is there a way to gather this information in pf?
>

Pf does not track this. What are you trying to accomplish?

Re: Blocking SYN with data

2019-12-27 Thread Kristof Provost
On 26 Dec 2019, at 1:13, Özkan KIRIK wrote: Hi, I want to block SYN with data packets. I read the pf.conf manual, but couldn't find a clear way to do this. Is it possible to match packets greater than N bytes using pf on FreeBSD 12.1 stable? There isn’t a way to express this in pf right now

Re: PF frag entries limit reached on a server with hw.ncpu: 24

2019-12-27 Thread Kristof Provost
On 23 Dec 2019, at 12:00, Andreas Longwitz wrote: On one of my servers I saw some messages dssinet kernel: [zone: pf frag entries] PF frag entries limit reached The output of the command vmstat -z | grep "pf frag entries" was pf frag entries:40, 5000,0, 5000, 18760, 0,