Hi, Am 05.03.2010 18:10, schrieb John: > I have just switched to pf from ipfw, so I am still learning the > nuances and style points.
I switched now to security/sshguard-pf. It works perfectly and blocks also via pf. Blocking is working there with: table <sshguard> persist block in log quick proto tcp from <sshguard> to any label "ssh bruteforce" probability 85% So I let 15% of the pakets through in the hope that will slow down this brute force attacks and I can protect in this step other hosts. Hopefully the attacker keeps then longer in my tarpit. Bye Matthias -- "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning." -- Rich Cook _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"