DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 8th November 2017
Lexus45 Lexus45 is offline
Port Guard
 
Join Date: May 2010
Location: Kurgan, Russia
Posts: 39
Default PF: limit number of incoming connectios during some time period

Hello all.

I wonder if there's an ability in PF like this one in iptables:
Code:
--dport 80 -m hashlimit --hashlimit-name WEBSRV --hashlimit-mode srcip --hashlimit-above 3/minute --hashlimit-htable-expire 120000 -j DROP
I read this http://man.openbsd.org/pf.conf.5#max-src-conn
And tried (don't worry, this is a VM and I have a "physical" access to it ):
Code:
pass in on $ext_if proto tcp from any to any port 22 keep state max-src-conn-rate 2/60
... but got en error while parsing the ruleset:
Code:
/etc/pf.conf:22: syntax error
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
BSDs 'lost' just because of this phone number 1-800-ITS-UNIX vermaden News 3 22nd November 2011 11:51 PM
postfix incoming only on external vdubjunkie General software and network 5 7th June 2009 08:02 PM
How to turn drives off after a period of time? drhowarddrfine FreeBSD General 9 3rd May 2009 12:05 PM
Number of Images exceeded 18Googol2 Feedback and Suggestions 2 10th May 2008 09:38 PM
I've never been number one in anything drhowarddrfine Off-Topic 4 1st May 2008 07:27 AM


All times are GMT. The time now is 05:54 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick