Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pf 'overload' support?

    Development
    2
    3
    524
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JeGrJ
      JeGr LAYER 8 Moderator
      last edited by

      Hi there :)

      just a quick question as I stumbled upon it on an OpenBSD PF setup: Is the "overload" directive of pf included in the FreeBSD port of pf as well?

      https://www.freebsd.org/doc/de/books/handbook/firewalls-pf.html (30.3.3.5) would indicate it is?

      It's just mentioned for SSH usage but could be useful for a wider variety of services (e.g. mail is also mentioned) and putting those IPs that kill the defined rate limit into an automatic blocking alias/table would surely be a nice addition to the ruleset functionality (and reminds a bit of the easyrule thing).

      Greets

      Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

      If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Yes. If you define Max src conn Rate on a firewall rule, then if a client goes over those limits it's added to a special internal table that blocks additional connections from them. That uses the overload keyword.

        https://github.com/pfsense/pfsense/blob/master/src/etc/inc/filter.inc#L3124

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • JeGrJ
          JeGr LAYER 8 Moderator
          last edited by

          Ah the virusprot table? Hmm, would be nice to separate them into customizable tables but good to know! :)

          Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

          If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.