====== Packet Filter Attack Mitigation ======

===== Example =====

<code>
table <abusive_hosts> persist
block in quick from <abusive_hosts>
pass in on $ext_if proto tcp to $web_server port www \
    flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, overload <abusive_hosts> flush)
</code>

===== Break it down line by line =====

  - define a table to store abusive hosts
  - block the abusive hosts
  - pass traffic to the web server
  - you need "flags S/SA keep state", because the connection limits in the next step are applied to the states this rule creates
  - if a host creates more than 100 connections at a time or creates 15 connections a sec it is placed in abusive_hosts
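To check the two limits against real traffic before loading the rule, the following added example (not part of the original page) replays connection events through a simplified model of max-src-conn 100 and max-src-conn-rate 15/5 and reports which sources would land in abusive_hosts. The function names, the event format and the sliding-window rate count are assumptions of this example, pf's own rate accounting differs in detail, and the addresses are constructed sample data.

```python
from collections import defaultdict, deque

MAX_SRC_CONN = 100   # max-src-conn 100
RATE = (15, 5)       # max-src-conn-rate 15/5 (connections / seconds)


def overloaded_hosts(events, max_conn=MAX_SRC_CONN, rate=RATE):
    """Replay (timestamp, src_ip, "open" | "close") events, sorted by time.

    Events stand for TCP connections that completed the handshake.
    Returns {src_ip: limit_that_tripped} for sources that would be put
    into the overload table.
    """
    count, secs = rate
    active = defaultdict(int)    # simultaneous connections per source
    recent = defaultdict(deque)  # open timestamps inside the rate window
    flagged = {}
    for ts, src, kind in events:
        if src in flagged:
            continue  # already in the table: "block in quick" drops it
        if kind == "close":
            active[src] = max(0, active[src] - 1)
            continue
        active[src] += 1
        window = recent[src]
        window.append(ts)
        while ts - window[0] >= secs:
            window.popleft()
        if active[src] > max_conn:
            flagged[src] = "max-src-conn"
        elif len(window) > count:
            flagged[src] = "max-src-conn-rate"
    return flagged


def sample_events():
    """Constructed traffic: a burst, a slow connection hoarder, a normal client."""
    ev = [(i * 0.1, "203.0.113.7", "open") for i in range(20)]
    ev += [(float(i), "198.51.100.20", "open") for i in range(120)]
    ev += [(10.0 + i, "192.0.2.50", k) for i in range(6) for k in ("open", "close")]
    return sorted(ev, key=lambda e: e[0])


if __name__ == "__main__":
    for host, limit in overloaded_hosts(sample_events()).items():
        print(f"{host} -> abusive_hosts ({limit})")
```

Feeding it events parsed from your own connection logs shows whether legitimate clients, such as many users behind one NAT address, stay below both limits.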