From owner-freebsd-ports@freebsd.org Tue Oct 17 19:25:09 2017 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9354AE45326 for ; Tue, 17 Oct 2017 19:25:09 +0000 (UTC) (envelope-from jankyj@unfs.us) Received: from stig.purplehat.org (stig.purplehat.org [50.243.134.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 66D907FA3D for ; Tue, 17 Oct 2017 19:25:09 +0000 (UTC) (envelope-from jankyj@unfs.us) Received: from localhost (bill.goatse.unfs.us [50.243.134.106]) by stig.purplehat.org (Postfix) with ESMTP id E66F4791AE; Tue, 17 Oct 2017 13:25:07 -0600 (MDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=unfs.us; s=mail; t=1508268308; bh=tvbNrTq4C6u1PcGvW9cruDj26XFbY5lNDGeuOXtn1+s=; h=Subject:To:References:From:Date:In-Reply-To; b=Adl4xRMcGklvMgchamD5rNhCcNBeT8FLGNnZsfbzvGBY+/UXqYfN2om4zx2UVd1Vp c3hzQqZiTCiT7nKZTC1+liWm0/gKrPUUglpxVqcJxkMUtrGncgA7w6E2vmATaEUKRV l3Yid/fEl41S0F2y+XZLt0Hs0dsHaoQ6mGFwAy+o= Received: from stig.purplehat.org ([50.243.134.106]) by localhost (stig.purplehat.org [50.243.134.106]) (maiad, port 10024) with ESMTP id 77332-09; Tue, 17 Oct 2017 13:25:06 -0600 (MDT) Received: from drp01-dev.enwd.co.sc.charterlab.com (chtr-v.purplehat.org [172.30.30.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: jankyj@unfs.us) by stig.purplehat.org (Postfix) with ESMTPSA id 50320791A5; Tue, 17 Oct 2017 13:25:06 -0600 (MDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=unfs.us; s=mail; t=1508268306; bh=tvbNrTq4C6u1PcGvW9cruDj26XFbY5lNDGeuOXtn1+s=; h=Subject:To:References:From:Date:In-Reply-To; b=gB7mbNp6IAcoz1z7xbZIn7rh+EP2IE4VQtMTJcZcxQ/jhukeVE0lo1G2HgHFKCxTE Fenhys6EdL/U2i4aDrfrnsgoRHoo5XdL3DL5zKWk2BV/P+lwxmuJ6ppCz/BVsEHQfY /9D+fqMErdn51DuEtBU1PVBWCfWDFQ6ZqHBW0A84= Subject: Re: FreeBSD Port: py27-fail2ban-0.10.1 To: freebsd-ports@freebsd.org References: <49fbc280-f598-6734-0bdb-dfd24de4fa56@gmail.com> <8aa48ea4-4740-539f-6bbe-0b95dba59b5c@gmail.com> <07e73217-1b6c-07c6-562c-e1b0bf49cee4@unfs.us> <97b76bba-47ca-9872-4f07-b6dc166c1e82@gmail.com> From: "Janky Jay, III" Message-ID: Date: Tue, 17 Oct 2017 13:25:01 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <97b76bba-47ca-9872-4f07-b6dc166c1e82@gmail.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="nAdokJc2IuPOChtiH6McgHGlkp641HLTw" X-Virus-Scanned: Maia Mailguard X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Oct 2017 19:25:09 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --nAdokJc2IuPOChtiH6McgHGlkp641HLTw Content-Type: multipart/mixed; boundary="l8PK8muLMl8tVTE9rBWgkASXxP5LjA45t"; protected-headers="v1" From: "Janky Jay, III" To: freebsd-ports@freebsd.org Message-ID: Subject: Re: FreeBSD Port: py27-fail2ban-0.10.1 References: <49fbc280-f598-6734-0bdb-dfd24de4fa56@gmail.com> <8aa48ea4-4740-539f-6bbe-0b95dba59b5c@gmail.com> <07e73217-1b6c-07c6-562c-e1b0bf49cee4@unfs.us> <97b76bba-47ca-9872-4f07-b6dc166c1e82@gmail.com> In-Reply-To: <97b76bba-47ca-9872-4f07-b6dc166c1e82@gmail.com> --l8PK8muLMl8tVTE9rBWgkASXxP5LjA45t Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Hi Alex, On 10/17/2017 10:35 AM, Alex V. Petrov wrote: > What should be in pf.conf? >=20 Something as simple has the below should work (edit to however you see fit): # define macros for each network interface ext_if =3D "em0" icmp_types =3D "echoreq" allproto =3D "{ tcp, udp, ipv6, icmp, esp, ipencap }" privnets =3D "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"= set loginterface $ext_if scrub in on $ext_if no-df random-id >=20 > 17.10.2017 23:15, Janky Jay, III =D0=BF=D0=B8=D1=88=D0=B5=D1=82: >> In the new 0.10 version, the action rule creates the tables for you >> based on the jail configuration. If you look at the jail files, you'll= >> see that you now call pfctl using additional arguments such as ports >> that are affected and a suffix to add to the default "f2b-" table name= =2E >> >> So, essentially, there is no reason to create tables in the >> pf.conf/pf.rules file anymore. They are automatically created when a >> fail2ban filter is triggered and the IP is then added to it. >=20 --l8PK8muLMl8tVTE9rBWgkASXxP5LjA45t-- --nAdokJc2IuPOChtiH6McgHGlkp641HLTw Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAlnmWQ0ACgkQGK3MsUbJZn4JdwCeJyGx/HXG6Ge/96OanZAY1OUQ o9EAni3Mj945xE+dUrkH+czhaxu+Muld =Auz/ -----END PGP SIGNATURE----- --nAdokJc2IuPOChtiH6McgHGlkp641HLTw--