summaryrefslogtreecommitdiff
path: root/regress/sbin/pfctl/pf89.optimized
blob: 72fa1d69dd7c285839921c7b25529708aa061a9b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

@0 block drop all
  [ Skip steps: i=5 d=2 f=5 p=2 sp=end da=5 dp=5 ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@1 block drop quick from <bad:0> to any
  [ Skip steps: i=5 f=5 sp=end da=5 dp=5 ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@2 pass out proto tcp all flags S/SA keep state
  [ Skip steps: i=5 d=5 f=5 sa=end sp=end da=5 dp=5 ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@3 pass out proto icmp all keep state
  [ Skip steps: i=5 d=5 f=5 sa=end sp=end da=5 dp=5 ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@4 pass out proto udp all keep state
  [ Skip steps: sa=end sp=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@5 pass in on lo1000001 inet proto tcp from any to 10.0.0.1 port = ssh flags S/SA keep state (source-track rule, max-src-conn 10, max-src-conn-rate 3/99, src.track 99)
  [ Skip steps: i=8 d=end f=end p=end sa=end sp=end dp=8 ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@6 pass in on lo1000001 inet proto tcp from any to 10.0.0.2 port = ssh flags S/SA keep state (source-track rule, max-src-conn 10)
  [ Skip steps: i=8 d=end f=end p=end sa=end sp=end dp=8 ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@7 pass in on lo1000001 inet proto tcp from any to 10.0.0.3 port = ssh flags S/SA keep state (source-track rule, max-src-conn-rate 3/99, src.track 99)
  [ Skip steps: d=end f=end p=end sa=end sp=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@8 pass in on lo1000000 inet proto tcp from any to 10.0.0.1 port = www flags S/SA modulate state (source-track rule, max-src-conn 100, max-src-conn-rate 10/5, overload <bad> flush, src.track 5)
  [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
@9 pass in on lo1000000 inet proto tcp from any to 10.0.0.1 port = 8080 flags S/SA synproxy state (source-track rule, max-src-conn 1000, max-src-conn-rate 1000/5, overload <bad> flush global, src.track 5)
  [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ]
  [ queue: qname= qid=0 pqname= pqid=0 ]
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-13 16:34:35 +0000