Date: Tue, 04 Nov 2014 22:56:32 +0100 From: "Michael Ross" <gmx@ross.cx> To: "Charlie Root" <root@ymer.thorshammare.org>, "Lowell Gilbert" <freebsd-questions-local@be-well.ilk.org>, freebsd-questions@freebsd.org Subject: Re: sshguard pf Message-ID: <op.xotlwiezg7njmm@michael-think.fritz.box> In-Reply-To: <44oasm7l6f.fsf@lowell-desk.lan> References: <20141102154444.GA42429@ymer.thorshammare.org> <54581F0E.4080404@a1poweruser.com> <20141104110202.GA37003@ymer.thorshammare.org> <44vbmv6kyp.fsf@lowell-desk.lan> <20141104193652.GA3062@ymer.thorshammare.org> <44oasm7l6f.fsf@lowell-desk.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 04 Nov 2014 21:41:44 +0100, Lowell Gilbert
<freebsd-questions-local@be-well.ilk.org> wrote:
> Charlie Root <root@ymer.thorshammare.org> writes:
>
>> Do "bruteblock" require me to run ipfw2 as my firewall ?
>
> Yes. That's why I mentioned that there are several other options, I just
> don't know them myself.
>
> Last I checked, bruteblock doesn't support IPv6 either, so one of these
> days I may have to check into the choices again.
For the record, I use fail2ban,
and setting it up was painless, and it will support pf.
Quick-How-To:
1. Install fail2ban
2. Create file /usr/local/etc/fail2ban/jail.local
[sshd]
enabled = true
action = pf
port = ssh
logpath = %(sshd_log)s
[sshd-ddos]
enabled = true
action = pf
port = ssh
logpath = %(sshd_log)s
3. Modify /usr/local/etc/fail2ban/action.d/pf.conf
You need the correct path to pfctl in "actionban" and "actionunban"
and the correct tablename in the [Init] section at the end.
4. service fail2ban onestart
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.xotlwiezg7njmm>