Rico wrote:
I am using this 'table <sshdtrolls> persist file "/root/pf/sshdhackers"'
I don't get any entries in the sshdhackers file and I don't get blocked
from the system.
A table modification is not automatically added to the file the table
was once populated from. Use
# pfctl -t sshdtrolls -T show > /root/pf/sshdhackers
for that.
Concerning not being blocked, do you have this too?
and a rule
#stop ssh trolls
block in log quick on $EXT_IF inet proto {tcp,udp} from <sshdtrolls>
to $EXT_IF port ssh label "SSHDTrolls"
/Alexander
