2e0e45a516
pf(4) users who use limiters in current should update the rules
accordingly to reflect the change in default behavior. The existing
rule which reads as follows:
pass in from any to any state limiter test
needs to be changed to:
pass in from any to any state limiter test (no-match)
OK dlg@
Obtained from: OpenBSD, sashan <sashan@openbsd.org>, c600931321
Sponsored by: Rubicon Communications, LLC ("Netgate")
3 lines
169 B
Plaintext
3 lines
169 B
Plaintext
source limiter dns-server id 1 entries 2 limit 3 rate 4/5 inet mask 16
|
|
pass in proto tcp from any to any port = domain flags S/SA keep state source limiter id 1 (block)
|