Hi all,
I use the following rule:
# SSH brutes protection
pass quick on $bridge inet proto tcp from any to $vlan10 port 22 keep state \
(max-src-conn 20, max-src-conn-rate 3/12, \
overload <ssh_brutes> flush global)
with success. No problem, all works fine.
I wonder if I can apply this type of rule to UDP connections (I am trying to
protect some busy DNS servers).
--
I must not fear. Fear is the mind-killer. Fear is the little-death that
brings total obliteration. I will face my fear. I will permit it to pass
over me and through me. And when it has gone past I will turn the inner
eye to see its path. Where the fear has gone there will be nothing. Only
I will remain.
Bene Gesserit Litany Against Fear.