Hi,

I just upgraded to OpenBSD 5.2 current
amd64 9/24/2012 version.
I was previously running the 9/4/2012 version.

Suddenly I notice the port 22 brute force
protection in my pf.conf isn't working.

I'm using the same statement in my pf.conf
file that I've used for months.

Has something changed recently with regard
to the "overload" "flush global" commands?

Here's what I was running that has worked up until
now.

table <bruteforce_ips> persist

pass in quick log on egress inet proto tcp from any to any port ssh \
        flags S/SA keep state \
        (max-src-conn-rate 3/30, overload <bruteforce_ips> flush global)

Where before any attempted connection that exceeded
3 times in 30 seconds to port 22 would put the IP address
in <bruteforce_ips>, now nothing ever gets put in it.

Has something changed in the recent past that is causing this?
                                         Thanks,  Ed
_______________________________________________
Openbsd-newbies mailing list
[email protected]
http://mailman.theapt.org/listinfo/openbsd-newbies