FreeBSD Port: py27-fail2ban-0.10.1
Janky Jay, III
jankyj at unfs.us
Tue Oct 17 19:25:09 UTC 2017
Hi Alex,
On 10/17/2017 10:35 AM, Alex V. Petrov wrote:
> What should be in pf.conf?
>
Something as simple has the below should work (edit to however you see
fit):
# define macros for each network interface
ext_if = "em0"
icmp_types = "echoreq"
allproto = "{ tcp, udp, ipv6, icmp, esp, ipencap }"
privnets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
set loginterface $ext_if
scrub in on $ext_if no-df random-id
>
> 17.10.2017 23:15, Janky Jay, III пишет:
>> In the new 0.10 version, the action rule creates the tables for you
>> based on the jail configuration. If you look at the jail files, you'll
>> see that you now call pfctl using additional arguments such as ports
>> that are affected and a suffix to add to the default "f2b-" table name.
>>
>> So, essentially, there is no reason to create tables in the
>> pf.conf/pf.rules file anymore. They are automatically created when a
>> fail2ban filter is triggered and the IP is then added to it.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20171017/7816977c/attachment.sig>
More information about the freebsd-ports
mailing list