You have to use this kind of thing.

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #237,480

12/9/05 2:28:39 PM

12/9/05 2:29:26 PM

You have to use this kind of thing.

table <id439E4021.2> { FWexternIP , FWinternIP } pass in quick inet proto tcp from yourIP to <id439E4021.2> port 22 modulate state label "RULE -1 -- ACCEPT "

I am assuming you have already done tables? pfctl can and does do tables. You should put these two lines first.

That will never deny access from that IP. The <id439E4021.2> is an arbitrary number. It could have been <id11111111.1> or <1fishingtime>

I am not sure about it severing connections and making them re-connect. Though, I have never heard of it doing that.

--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ i_wethey
Freedom is not FREE.
Yeah, but 10s of Trillions of US Dollars?

SELECT * FROM scog WHERE ethics > 0;

0 rows returned.

Edited by folkert Dec. 9, 2005, 02:29:26 PM EST

Expand All History

OpenBSD PF rules refresh - (broomberg) - (1) - Dec. 7, 2005, 02:56:53 PM EST

You have to use this kind of thing. - (folkert) - Dec. 9, 2005, 02:29:26 PM EST

I was trying to read your bio when it got chucked clear off the screen by a Jimmy Dean sausage pancake.
90 ms