On Sat, 1 Apr 2017 08:29:41 +1100 (EST) Dave Horsfall <d...@horsfall.org> wrote
> Does anyone have a PF rule that actually blocks woodpeckers?  I have this
> rule:
>
>     pass inet proto tcp from any to any port smtp \
>         flags S/SA keep state \
>         (max-src-conn 10, max-src-conn-rate 2/20, \
>         overload <woodpeckers> flush global)

I could never get that to work, either.

>
> I understand that as being no more than twice in twenty seconds (which is
> amply generous by my reading of the RFC), but it's not working; for
> example, the latest problem-child is:
>
>     Date: Mar 31 00:04:10 (v2UD3uT2070289)
>     from=<ret...@manualpratico.info>
>     relay=server1.manualpratico.info [186.251.128.25]
>     reject=450 4.7.1 <d...@horsfall.org>... I greylist .info
>
>     Date: Mar 31 00:14:25 (v2UDEBaT070308)
>     from=<ret...@manualpratico.info>
>     relay=server1.manualpratico.info [186.251.128.25]
>     reject=450 4.7.1 <d...@horsfall.org>... I greylist .info
>
> continuing every 15 seconds (and I've seen much worse) which I have
> manually blocked ("pfctl -t woodpeckers -T add 186.251.128.25", but isn't
> PF supposed to do that for me?
>
> (And yes, Sendmail also has this non-working "feature", but that's OT.)

OFF TOPIC
The following works famously for me in my (hostname).mc file:

FEATURE(greet_pause, `6000')

as does:

define(`confCONNECTION_RATE_THROTTLE', `2')

HTH

As for OT; I'd have sent it to you off list. But you're bouncing me.

--Chris
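
The arithmetic behind the quoted rule, as an added example that is not part of the original thread: a simplified sliding-window model of `max-src-conn-rate` (an assumption, not PF's actual kernel accounting) run over constructed timestamps at the 15-second cadence the message describes. The function names, the 5-second burst and the 3/60 comparison threshold are hypothetical.

```python
from collections import deque
from datetime import datetime, timedelta


def first_overload(times, limit, seconds):
    """Index of the first connection that pushes the per-source count inside
    the trailing `seconds` window above `limit`, or None if none does.

    Simplified model of `max-src-conn-rate limit/seconds` (assumption).
    """
    window = deque()
    for i, t in enumerate(times):
        window.append(t)
        # Drop connections that have aged out of the trailing window.
        while (t - window[0]).total_seconds() >= seconds:
            window.popleft()
        if len(window) > limit:
            return i
    return None


def cadence(start, step_seconds, count):
    """Constructed sample input: `count` connections, one every `step_seconds`."""
    return [start + timedelta(seconds=step_seconds * n) for n in range(count)]


# Constructed timestamps; only the 15-second spacing comes from the message.
START = datetime(2017, 3, 31, 0, 14, 25)
EVERY_15S = cadence(START, 15, 40)   # steady retry, as reported
BURST_5S = cadence(START, 5, 10)     # hypothetical faster client, for contrast


def report():
    """Evaluate each cadence against the posted 2/20 and a hypothetical 3/60."""
    return {
        "15s cadence vs 2/20": first_overload(EVERY_15S, 2, 20),
        "15s cadence vs 3/60": first_overload(EVERY_15S, 3, 60),
        "5s burst vs 2/20": first_overload(BURST_5S, 2, 20),
    }


if __name__ == "__main__":
    for case, idx in report().items():
        print(f"{case}: " + ("never exceeded" if idx is None
                             else f"exceeded at connection #{idx + 1}"))
```

Under this model a steady 15-second retry never puts more than two connections inside any 20-second window, so the rate limit alone would not move that source into the overload table.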