Hello all. My rules do not work.
I need help; I have no idea how to fix this.
Code:
ext_if="em0"
service_ports="{ 22,80,443,10011,30033 }"
udp_ports="{ 9987 }"
table <trusted_hosts> persist file "/var/db/trusted_hosts"
table <abusive_hosts> persist
table <sshguard> persist
icmp_types = "{ echoreq, unreach }"
set block-policy drop
set loginterface $ext_if
set optimization aggressive
set limit { frags 32000, states 64000 }
set skip on lo
scrub on $ext_if all random-id min-ttl 64 max-mss 1440 set-tos reliability reassemble tcp fragment reassemble
antispoof quick for { lo0 $ext_if }
block in
block in quick on $ext_if proto tcp from <sshguard> to any port 22 label "ssh bruteforce"
pass out all keep state
pass out on $ext_if all modulate state
pass in quick from <trusted_hosts>
block in quick from <abusive_hosts>
pass inet proto icmp all icmp-type $icmp_types keep state
# state options must stay on the rule's own line (or follow a trailing backslash); a "(" starting a new line is a pf.conf syntax error
pass in on $ext_if proto tcp to any port $service_ports flags S/SA synproxy state (max-src-conn 50, max-src-conn-rate 25/5, overload <abusive_hosts> flush global)
pass in on $ext_if proto udp to any port $udp_ports keep state (max-src-states 5, max-src-conn-rate 5/5, overload <abusive_hosts> flush)
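The posted ruleset does not say what "do not work" means (pfctl refusing the file, or rules loading but not matching), so the first thing to do is a dry-run parse. The script below is an added example, not code from the original post: it embeds a constructed two-rule sample that reproduces the one defect visible in the post (the `(max-src-conn …)` state-option block placed on its own line, which pfctl cannot parse), flags any such line, joins it back onto the preceding rule, and then runs `pfctl -nf` on the result when pfctl is present. The sample file and the helper names are the example's own; on a real host you would point `check_split_rules` and `dry_run` at `/etc/pf.conf`.

```shell
#!/bin/sh
# Added example (not from the original post): pre-flight checks for a pf.conf.

# Constructed sample (assumption: this mirrors the split rule in the post).
SAMPLE_CONF=$(mktemp)
cat > "$SAMPLE_CONF" <<'EOF'
ext_if="em0"
pass in on $ext_if proto tcp to any port 22 flags S/SA synproxy state
(max-src-conn 50, max-src-conn-rate 25/5, overload <abusive_hosts> flush global)
EOF

# Returns 0 when no line begins with "(" ; otherwise prints the offending
# line numbers to stderr and returns 1.  pf.conf keeps a rule's state options
# on the rule's line (or after a trailing backslash), never on a bare new line.
check_split_rules() {
    conf="$1"
    bad=$(awk '/^[[:space:]]*\(/ { print NR }' "$conf")
    if [ -n "$bad" ]; then
        echo "state-option block on its own line at line(s): $bad" >&2
        return 1
    fi
    return 0
}

# Writes the config to stdout with every "(" line re-attached to the rule
# above it, separated by a single space.
join_split_rules() {
    awk '
        /^[[:space:]]*\(/ { sub(/^[[:space:]]*/, ""); prev = prev " " $0; next }
        have               { print prev }
                           { prev = $0; have = 1 }
        END                { if (have) print prev }
    ' "$1"
}

# Parse-only check: pfctl -n reads the file and reports errors without
# loading anything.  Skipped (return 0) on hosts without pfctl.
dry_run() {
    if command -v pfctl >/dev/null 2>&1; then
        pfctl -nf "$1"
    else
        echo "pfctl not found; dry run skipped" >&2
        return 0
    fi
}

# Usage: lint the sample, repair it if needed, then dry-run the repaired file.
if ! check_split_rules "$SAMPLE_CONF"; then
    FIXED_CONF=$(mktemp)
    join_split_rules "$SAMPLE_CONF" > "$FIXED_CONF"
    check_split_rules "$FIXED_CONF" && dry_run "$FIXED_CONF"
fi
```

Once the file parses, load it with `pfctl -f /etc/pf.conf` and confirm the rules and tables are actually in place with `pfctl -sr` and `pfctl -t abusive_hosts -T show`; an empty table after a burst of connections means the overload clause never fired, which points at rule ordering rather than syntax. One further thing to check in the dry run: pf.conf(5) describes `max-src-conn` and `max-src-conn-rate` in terms of completed TCP handshakes, whereas `max-src-states` and `max-src-nodes` are the per-source limits that apply to any protocol, so if pfctl objects to the UDP rule, that option is the first candidate to revisit.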