I have added more rules here and am trying to avoid putting my entire rule set on display.
All my block rules are, however, listed.
Code:
norouteips = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8, 0.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, 240.0.0.0/4 }"
tcpservices = "{ domain, www, smtp, https, 10000 }"
table <bruteforce> persist file "/pathto/bruteforceblock"
block all
block quick from <bruteforce>
set skip on tx0
antispoof quick for { tx0 $ext_if }
# block non routable ips
block in quick on $ext_if from $norouteips to any
block out quick on $ext_if from any to $norouteips
# block exploited servers http://www.wizcrafts.net/exploited-servers-iptables-blocklist.txt
block in quick from <exploitedservers>
pass proto tcp from any to self port $tcpservices
pass inet proto tcp from any to port $tcpservices keep state (max-src-conn 100, max-src-conn-rate 30/5, overload <bruteforce> flush global)
I was wondering if the rule below could be causing the problem.
Code:
pass inet proto tcp from any to port $tcpservices keep state (max-src-conn 100, max-src-conn-rate 30/5, overload <bruteforce> flush global)
I deleted my <bruteforce> table, which had a long list of IP addresses, thinking I must have blocked myself, but it did not work.
However, mysteriously, everything seems to be back to normal now, even without using those SMTP rules.
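A simplified sliding-window model of the `max-src-conn-rate 30/5` limit in the rule above, added here as an example (it is not the poster's code and not pf's exact accounting), showing which sources in a constructed connection log would land in `<bruteforce>`. The function name, the millisecond timestamps and the sample addresses are assumptions.

```python
from collections import defaultdict, deque

# Values taken from the rule on the page: max-src-conn-rate 30/5
RATE_LIMIT = 30        # new connections allowed ...
RATE_WINDOW_MS = 5000  # ... per 5 seconds (kept in ms to avoid float rounding)


def overloaded_sources(events, limit=RATE_LIMIT, window_ms=RATE_WINDOW_MS):
    """Return {source: timestamp_ms} for every source that opens more than
    `limit` connections inside any `window_ms` span.

    `events` is an iterable of (timestamp_ms, source) sorted by timestamp.
    Assumption: a plain sliding window, tripping when the count exceeds the
    limit. It only approximates how pf tracks the rate.
    """
    recent = defaultdict(deque)  # per-source timestamps still inside the window
    tripped = {}
    for ts, src in events:
        if src in tripped:
            # Already in the table: "block quick from <bruteforce>" drops it,
            # and "flush global" has removed its existing states.
            continue
        window = recent[src]
        window.append(ts)
        while ts - window[0] >= window_ms:
            window.popleft()
        if len(window) > limit:
            tripped[src] = ts
    return tripped


def constructed_log():
    """Constructed sample input: two sources, 40 connections each."""
    burst = [(i * 100, "203.0.113.10") for i in range(40)]    # one every 0.1 s
    steady = [(i * 1000, "198.51.100.7") for i in range(40)]  # one every 1 s
    return sorted(burst + steady)


if __name__ == "__main__":
    for src, ts in overloaded_sources(constructed_log()).items():
        print(f"{src} would be added to <bruteforce> at t={ts} ms")
```

Running a real connection log through the same function (one line per new TCP connection to the listed ports) shows whether your own address could have exceeded the limit.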