Expiretable is a utility for removing entries from a pf(4) table based on the age of the entries. This, among other things, can be used with a pf overload table to build a maintenance-free SSH brute force blocker.
|Tags||Security Networking Firewalls Systems Administration|
|Operating Systems||POSIX BSD FreeBSD OpenBSD|
Release Notes: The ability to specify age in minutes, hours, days, etc. was added. The age limit was changed to the limit imposed by OpenBSD's nanosleep.