blob: e66f5f89f5d4d68d2b51353f2ec1b6db83358c3b
table <bad> persist
block drop all
block drop quick from <bad> to any
pass out proto tcp all flags S/SA keep state
pass out proto icmp all keep state
pass out proto udp all keep state
pass in on lo1000001 inet proto tcp from any to 10.0.0.1 port = ssh flags S/SA keep state (source-track rule, max-src-conn 10, max-src-conn-rate 3/99, src.track 99)
pass in on lo1000001 inet proto tcp from any to 10.0.0.2 port = ssh flags S/SA keep state (source-track rule, max-src-conn 10)
pass in on lo1000001 inet proto tcp from any to 10.0.0.3 port = ssh flags S/SA keep state (source-track rule, max-src-conn-rate 3/99, src.track 99)
pass in on lo1000000 inet proto tcp from any to 10.0.0.1 port = www flags S/SA modulate state (source-track rule, max-src-conn 100, max-src-conn-rate 10/5, overload <bad> flush, src.track 5)
pass in on lo1000000 inet proto tcp from any to 10.0.0.1 port = 8080 flags S/SA synproxy state (source-track rule, max-src-conn 1000, max-src-conn-rate 1000/5, overload <bad> flush global, src.track 5)