Add entries to table

[gpatrick]

block in log quick on $prv_if proto tcp from ! 10.10.21.12 to $prv_if \
        port ssh (max-src-conn 10, max-src-conn-rate 3/5, \
        overload <bruteforce> flush global)

When I try to login using ssh from my DMZ I'm not getting anything added to my bruteforce table. Is my rule correct?

pfctl -t bruteforce -T show

Shows nothing but I expected the IP from my DMZ server to be logged.

 

[DutchDaemon]

Are you sure you're actually overloading the max-src settings?

 

[gpatrick]

Good point, I didn't think about that. I'll test.