FreeBSD Port: py25-fail2ban-0.8.3_1
cjones at pittstate.edu
Wed Jun 17 21:21:12 UTC 2009
As you know, many people are now using PF on their FreeBSD servers. I've
made some changes to make it work with PF, and I think they are worth
including in the port by default.
I'm including the configuration needed to use Fail2Ban with PF on FreeBSD.
Basically, you make a table in PF, and add to the table as the
'actionban' and remove the entry from the table as the 'actionunban'.
You can easily see a list of banned addresses using:
sudo pfctl -t fail2ban -T show
Thanks for the port of this great utility!
Senior Systems Manager
Pittsburg State University
E-mail: cjones at pittstate.edu
"The production of too many useful things results in too
many useless people."
-------------- next part --------------
FAIL2BAN EDITS FOR PF ON FREEBSD
Chris Jones - 2009.06.17
# PF jail
enabled = true
filter = sshd
action = pf
sendmail-whois[name=SSH, dest=email at domain.com]
logpath = /var/log/auth.log
actionban = pfctl -t fail2ban -T add <ip>
actionunban = pfctl -t fail2ban -T delete `pfctl -t fail2ban -T show 2>/dev/null | grep <ip>`
port = ssh
localhost = 127.0.0.1
table <fail2ban> persist
block in on $ext_if from <fail2ban>
More information about the freebsd-ports