From: "Matthew Emmerton"
To: "G D McKee", "Brennan Stehling", "Ben"
Cc: "freebsd-questions"
Subject: Re: NATD
Date: Thu, 22 Feb 2001 14:15:12 -0500
Message-ID: <005a01c09d03$c8990c70$1200a8c0@gsicomp.on.ca>

> Have you managed to get portsentry to work with ipfw? Does anyone have a
> working config?

I use portsentry on my firewall machine, and it works beautifully. (I love seeing the denied messages triggered by l33t h4x0rs doing port scans.)

I used portsentry from the ports, and just modified the portsentry.conf file to suit my fancy (ports detected, ban on nth attempt, etc.)

You will need to uncomment (or change or add, I forget) a KILL_ROUTE line (depending on your firewall options, you may need to change 10 to something else so that rule priorities are correct.)

    KILL_ROUTE="/sbin/ipfw add 10 deny all from $TARGET$:255.255.255.255 to any"

And that's it!

--
Matt Emmerton
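
A way to check the rule-priority point in the message above, as an added example that is not part of the original post: ipfw evaluates rules in ascending number order and stops at the first match, so the deny rule that KILL_ROUTE adds only blocks a scanner if its number is lower than the first rule that accepts that traffic. The sample ruleset and the function names are constructed for illustration, and the check is a heuristic that looks only at the rule action and a `via lo0` restriction.

```shell
#!/bin/sh
# Constructed sample of `ipfw list` output (not from the original message).
sample_rules() {
cat <<'EOF'
00050 divert 8668 ip from any to any via ed0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 allow tcp from any to any established
65000 allow ip from any to any
65535 deny ip from any to any
EOF
}

# Read `ipfw list` output on stdin and print the number of the first rule
# that accepts non-loopback traffic (allow/accept/pass/permit are synonyms).
first_accept_rule() {
    awk '$2 ~ /^(allow|accept|pass|permit)$/ && $0 !~ / via lo0/ {
             print $1 + 0; exit }'
}

# $1 = rule number used in KILL_ROUTE; stdin = `ipfw list` output.
# Succeeds when the deny rule is evaluated before any accepting rule.
# A rule added with an existing number is placed after the rules already
# holding that number, so the comparison is strictly "less than".
kill_rule_effective() {
    first=$(first_accept_rule)
    if [ -z "$first" ]; then
        return 0            # no accepting rule found: nothing can shadow it
    fi
    [ "$1" -lt "$first" ]
}

# Demo against the constructed ruleset; on a real host use `ipfw list | ...`.
for n in 10 400; do
    if sample_rules | kill_rule_effective "$n"; then
        echo "rule $n: deny is evaluated before the first accepting rule"
    else
        echo "rule $n: shadowed by an earlier accepting rule; pick a lower number"
    fi
done
```

On a live firewall, replace `sample_rules` with `ipfw list` and pass the number from your KILL_ROUTE line.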