From 0a02966a8ee55d8a6cb87a7e74076d6a855c5a44 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Fri, 17 Mar 2023 23:42:56 +0200
Subject: [PATCH] Router: Raise the SSH limits.

The Am I Live checks routinely fail because of it.
---
 Ansible/roles/router/files/pf.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Ansible/roles/router/files/pf.conf b/Ansible/roles/router/files/pf.conf
index aec3713..e333dae 100644
--- a/Ansible/roles/router/files/pf.conf
+++ b/Ansible/roles/router/files/pf.conf
@@ -33,7 +33,7 @@ match on egress proto { tcp, udp } from kodi.shore.co.il tos 0x02 set queue bulk
 match on egress proto { tcp, udp } to kodi.shore.co.il tos 0x02 set queue bulk set prio 1
 
 # Defaults
-pass in quick proto tcp to (all:0) port ssh keep state (source-track rule, max 100, max-src-nodes 10, max-src-conn-rate 15/60, overload <brute> flush global)
+pass in quick proto tcp to (all:0) port ssh keep state (source-track rule, max 100, max-src-nodes 20, max-src-conn-rate 15/60, overload <brute> flush global)
 match out on egress inet from (ingress:network) nat-to (egress)
 block in all
 pass out all
-- 
GitLab