yes

Anathae Townsend [atowns...@nucleus.com] wrote:
> the following pf.conf fragment allows ssh connections from the outside world
> to my firewall
>
> pass in on egress proto tcp from any to egress port ssh keep state \
>     (max-src-conn 10, max-src-conn-rate 4/20, overload <brutes> flush global)
>
> If I understand tables and pf properly, and I have a default block all in rule
> could I not change it to the following fragment and allow only those not already
> added to the <brutes> table in?
>
> pass in on egress proto tcp from ! <brutes> to egress port ssh keep state \
>     (max-src-conn 10, max-src-conn-rate 4/20, overload <brutes> flush global)

--
I'm going to take a 6 month sabbatical to meditate on your words.
There's just something deeply compelling about what you have to say
that fills me with a sense of longing for a truer understanding of
this wacky universe of ours. Thank you fellow scholar. You have
changed me.
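
The negated-table rule from the question placed in a minimal ruleset, as an added example that is not part of the original thread. The table declaration, the default-deny line and the commented alternative are assumptions about the rest of the poster's pf.conf, which the thread does not show.

```conf
# Constructed example ruleset; only the pass rule is taken from the thread.

# Declare the table so it exists even when empty. "persist" keeps it
# in memory when no rule currently references it.
table <brutes> persist

# Default deny, as the question assumes. pf uses the last matching rule,
# so anything the pass rule below does not match stays blocked.
block all

# Sources already in <brutes> do not match "from ! <brutes>", so they fall
# back to "block all". Other sources are passed and tracked: more than
# 10 concurrent connections or more than 4 new connections in 20 seconds
# adds the source to <brutes>, and "flush global" kills its existing
# states, including those created by other rules.
pass in on egress proto tcp from ! <brutes> to egress port ssh keep state \
    (max-src-conn 10, max-src-conn-rate 4/20, overload <brutes> flush global)

# The negation only protects this one rule. If the ruleset has other
# pass rules (for example for a web server), sources in <brutes> still
# match those. An explicit early block covers every service instead:
#
#   block in quick on egress from <brutes>
#
# Entries stay in the table until removed. To inspect the table, or to
# drop entries older than one day (for example from cron):
#
#   pfctl -t brutes -T show
#   pfctl -t brutes -T expire 86400
```

The file can be syntax-checked without loading it by running `pfctl -nf` on its path.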