Re: PF to Preventing SMTP Brute Force Attacks

2012-06-19 Thread Adrian Minta
Better use something like fail2ban.

--
Best regards,
Adrian Minta
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable

Re: PF to Preventing SMTP Brute Force Attacks

2012-06-16 Thread Shiv. Nath
> On Jun 15, 2012, at 12:55 PM, Shiv. Nath wrote:
>
>> # START
>> table bruteforce persist
>> block in log quick from bruteforce
>>
>> pass in on $ext_if proto tcp \
>> from any to $ext_if port $trusted_tcp_ports \
>> flags S/SA keep state \
>> (max-src-conn-rate 3/300, overload bruteforce flush g

Re: PF to Preventing SMTP Brute Force Attacks

2012-06-15 Thread Shiv. Nath
>> Dear Matthew,
>>
>> Grateful for sending me in right direction, solution really sounds well.
>> Does it look good configuration for "/etc/pf.conf" ?
>>
>> # START
>> table bruteforce persist
>
> Watch the syntax -- it's table <bruteforce> persist with angle brackets.
>
>> block in log quick from bruteforc

Re: PF to Preventing SMTP Brute Force Attacks

2012-06-15 Thread Paul Mather
On Jun 15, 2012, at 12:55 PM, Shiv. Nath wrote:
> # START
> table bruteforce persist
> block in log quick from bruteforce
>
> pass in on $ext_if proto tcp \
> from any to $ext_if port $trusted_tcp_ports \
> flags S/SA keep state \
> (max-src-conn-rate 3/300, overload bruteforce flush global)
>
>

Re: PF to Preventing SMTP Brute Force Attacks

2012-06-15 Thread Matthew Seaman
On 15/06/2012 17:55, Shiv. Nath wrote:
>
>> Limiting yourself to 200 states won't protect you very much -- you tend
>> to get a whole series of attacks from the same IP, and that just uses
>> one state at a time.
>>
>> Instead, look at the frequency with which an attacker tries to connect
>> to yo

Re: PF to Preventing SMTP Brute Force Attacks

2012-06-15 Thread Jason Hellenthal
On Fri, Jun 15, 2012 at 04:17:06PM -, Shiv. Nath wrote:
> Hi FreeBSD Gurus,
>
>
> i want to use PF to Preventing SMTP Brute Force Attacks. i need some help
> to understand correct syntax.
>
> URL Explaining this: http://www.openbsd.org/faq/pf/filter.html#stateopts
>
>
> i expect the foll

Re: PF to Preventing SMTP Brute Force Attacks

2012-06-15 Thread Shiv. Nath
> Limiting yourself to 200 states won't protect you very much -- you tend
> to get a whole series of attacks from the same IP, and that just uses
> one state at a time.
>
> Instead, look at the frequency with which an attacker tries to connect
> to you. Something like this:
>
> table <bruteforce> persist
>
>

Re: PF to Preventing SMTP Brute Force Attacks

2012-06-15 Thread Matthew Seaman
On 15/06/2012 17:17, Shiv. Nath wrote:
> Hi FreeBSD Gurus,
>
>
> i want to use PF to Preventing SMTP Brute Force Attacks. i need some help
> to understand correct syntax.
>
> URL Explaining this: http://www.openbsd.org/faq/pf/filter.html#stateopts
>
>
> i expect the following behavior from the