1.在/etc/pf.conf加入底下規則　　table persist　　table persist　　block quick from 　　block quick from 　　pass quick inet proto tcp from any to any port 22 keep state (max-src-conn 5, max-src-conn-rate 3/20,overload flush global)　　pass quick inet proto tcp from any to any port ftp keep state (max-src-conn 5, max-src-conn-rate 10/40,overload flush global)　　2.再寫個script去紀錄每天的狀況　　#!/bin/sh　　log_file="/var/log/bad_guy.log"　　date >> $log_file　　echo " FTP:" >> $log_file　　/ *** in/pfctl -t SSHbruteforce -T show >> $log_file　　echo " SSH:" >> $log_file　　/ *** in/pfctl -t FTPbruteforce -T show >> $log_file　　3.阻擋一日後,即清除IP紀錄,先裝套件/usr/ports/security/expiretable　　# /usr/local/ *** in/expiretable -v -d -t 24h SSHbruteforce　　# /usr/local/ *** in/expiretable -v -d -t 24h FTPbruteforce　　並把設定加入rc.local　　原文地址 http://www.bsdlover.cn/html/50/n-1750.html