[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rdr pass, max-src-conn

On Wed, 07 Sep 2005 14:19:06 -0400
Roy Morris <[email protected]> wrote:
> ed wrote:
> >pass in on $ext_if proto tcp from any to $range port {80,3389} keep
> >state ( max-src-conn 3, max-src-conn-rate 2/5, overload <abuse_src>
> >flush global )
Thanks Roy and Daniel for your answers. I have another question now
(sorry), how can I sync the table <abuse_src> with pfsync? It's great
that addresses which violate a connection rate limit are stored in a
table but it would be very nice if this could be carried over both
hosts, since I hope one of the boxes will be online at any given time
then the list could be stored indefinitely.
http://edd.link9.net - http://irc.is-cool.net