Hi everybody, I have a problem with my pf. I have no idea why or how, but out of nowhere the table just gets cleared and all the blocked IPs can access my page again. Is there any config on pf that I'm maybe doing wrong that may cause the problem?

This is my pf.conf:

Code:
# Change the value to reflect your public interface. You can see this with ifconfig.
ext_if="eth0"
# Ports used for services
service_ports="{ 22, 80 }"
# Ports used by system
sys_ports="{11002}"
# IP addresses that should override the firewall rules, such as your web server.
table <trusted_hosts> const { 175.65.3.19 }
table <abusive_hosts> persist
set block-policy drop
set loginterface $ext_if
set skip on lo
scrub on $ext_if reassemble tcp no-df random-id
antispoof quick for { lo0 $ext_if }
block in
pass out all keep state
pass out on $ext_if all modulate state
pass in quick from <trusted_hosts>
block in quick from <abusive_hosts>
# Allow ping in
pass in inet proto icmp all icmp-type echoreq
# Rate limits, trial and error
pass in on $ext_if proto tcp to any port $service_ports flags S/SA keep state \
    (max-src-conn 30, max-src-conn-rate 15/5, overload <abusive_hosts> flush)
pass in on $ext_if proto {tcp,udp} to any port $sys_ports flags S/SA keep state \
    (max-src-conn 30, max-src-conn-rate 15/5, overload <abusive_hosts> flush)

And this is the command that I use to add IPs to the block list:

pfctl -t abusive_hosts -T add 000.000.000.000

The list was working for something like 30 days without any problem, then out of nowhere it just got cleared. Then I added some IPs again, and today (after less than 1 week) it just got cleared again.

To completely block UDP on the firewall, change this line:

Code:
pass in on $ext_if proto {tcp,udp} to any port $sys_ports flags S/SA keep state

to

Code:
pass in on $ext_if proto tcp to any port $sys_ports flags S/SA keep state