Simplest way to deny access to a class C

Patrick Gibson gibblertron at
Thu Mar 3 23:58:06 UTC 2011

You might consider mod_security (/usr/ports/www/mod_security) which
can be set up to ban hosts based on behaviour or characteristics.

Or fail2ban (/usr/ports/security/py-fail2ban) is really great, too, in
that it scans whatever logs you want, and can trigger a block in your
firewall if enough violating log entries are found within a particular
period of time. Everything is totally configurable, and there are
plenty of examples that come with it.


On Thu, Mar 3, 2011 at 8:59 AM, Jorge Biquez <jbiquez at> wrote:
> Hello all.
> I am sorry in advance if this question sounds too stupid.
> I have a small server for personal use of webpages running:
> it is working fine , no problem very stable.
> I just need to block some IP class C address that are always trying to
> "discover" directories or applications under the web server. They do not do
> and can not do anything since this server has nothing installed but i am
> tired of seeing in the logs all the intents they do every 2-3 seconds.
> I have not installed any kind of firewall yet.
> What do you think is the best way to accomplish this task? If possible the
> easiest one. I do not want to do anything else but just bloc IP's, at this
> moment at least.
> Thanks in advance.
> Jorge Biquez
> _______________________________________________
> freebsd-questions at mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"

More information about the freebsd-questions mailing list