|
FreeBSD Installation and Upgrading Installing and upgrading FreeBSD. |
|
Thread Tools | Display Modes |
|
|||
Automaticaly block IPs with PF
Hi,
I frequently check my logs and there are always some ips that are trying to get access to my system using bruteforce or some other scripts. I have never needed a tool to examine my logs and report such attacks, cause I'm looking at my logs very frequently, but now when I won't have that opportunity ( I won't be at home for a certain time ), I'd like to use such a tool that examines the logs and blocks.. What I'm using right now is a table in PF that reads /etc/blocked_ips and blocks each ip listed in the file. Code:
# --- block every ip from /etc/blocked_ips file --- table <blocked_ips> persist file "/etc/blocked_ips" # --- block every ip from /etc/blocked_ips file block in log quick on $ext_if from <blocked_ips> to any I want to ask you - what kind of automatic protection are you using? Some kind of a self-written scripts, or some ports that examines the logs and put the bad ips in file? Thanks!
__________________
"I never think of the future. It comes soon enough." - A.E Useful links: FreeBSD Handbook | FreeBSD Developer's Handbook | The Porter's Handbook | PF User's Guide | unix-heaven.org |
|
|||
Can you, please show me some of your custom protection scripts that you use with PF?
__________________
"I never think of the future. It comes soon enough." - A.E Useful links: FreeBSD Handbook | FreeBSD Developer's Handbook | The Porter's Handbook | PF User's Guide | unix-heaven.org |
|
|||
I personally use security/sshguard-pf to automatically create tables of IP addresses to block.
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
block spam | milo974 | OpenBSD Security | 1 | 26th May 2009 11:30 AM |
New tool on the block - scrypt | s0xxx | FreeBSD Security | 2 | 21st May 2009 07:48 AM |
Postfix: Block CIDR w/ whitelist?? | biscuits | FreeBSD Ports and Packages | 1 | 9th February 2009 02:53 AM |
Questions about Epiphany and block up popup | aleunix | OpenBSD Packages and Ports | 0 | 14th June 2008 06:18 AM |
BSD n00b needs to block incoming SQL on 3306 | renolinux | FreeBSD Security | 5 | 27th May 2008 02:26 PM |