From owner-freebsd-pf@FreeBSD.ORG Thu Oct 16 06:05:00 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E4F2B1065692 for ; Thu, 16 Oct 2008 06:05:00 +0000 (UTC) (envelope-from artemrts@ukr.net) Received: from ffe5.ukr.net (ffe5.ukr.net [195.214.192.21]) by mx1.freebsd.org (Postfix) with ESMTP id 9E23C8FC0A for ; Thu, 16 Oct 2008 06:05:00 +0000 (UTC) (envelope-from artemrts@ukr.net) Received: from mail by ffe5.ukr.net with local ID 1KqLyj-000826-Od ; Thu, 16 Oct 2008 09:04:57 +0300 MIME-Version: 1.0 To: Jeremy Chadwick From: "Vitaliy Vladimirovich" X-Life: is great, enjoy it! X-Mailer: freemail.ukr.net mPOP 3.5.2 X-Originating-Ip: [194.0.148.10] In-Reply-To: <20081015202725.GA88225@icarus.home.lan> X-Browser: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.17) Gecko/20080829 Firefox/2.0.0.17 Message-Id: Date: Thu, 16 Oct 2008 09:04:57 +0300 X-UkrNet-Flag: 1 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: 8bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Peter Clark , freebsd-pf@freebsd.org Subject: Re[2]: PF syntax error X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Oct 2008 06:05:01 -0000 --- Original Message --- From: Jeremy Chadwick To: Peter Clark Date: 15 october, 20:27:25 Subject: Re: PF syntax error On Wed, Oct 15, 2008 at 12:00:50PM -0500, Peter Clark wrote: > Hello, > > I am not sure if I should be here or over at a pf specific list but here > is my problem. I've changed the CC list, so this will now go to the freebsd-pf mailing list instead. > I am trying my hand at pf on a 7.0-p5 RELEASE box and one rule is giving > me problems. > > pass in quick on $ext_if proto tcp from any to any port 22 flags S/SA \ > > (max-src-conn 15, max-src-conn-rate 5/3, overload flush > global) > > Actually the "pass in" line does not generate the error. The next line does. > > /etc/pf.conf:71: syntax error > If I remove the line the error goes away (obviously). I have tried using > the exact line from the FreeBSD pf.conf man page: > > (max-src-conn-rate 100/10, overload flush global) > > (I changed to )and that generates the same > error. I tried just using: > (max-src-conn-rate 100/10) > > but that too gives me a syntax error. > > Any help is appreciated. If you want use the  stateful tracking options you should specify source-track option: source-track rule or source-track global.