From owner-freebsd-questions@FreeBSD.ORG Sat Apr 24 14:47:43 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0A80D106566B for ; Sat, 24 Apr 2010 14:47:43 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from ozzie.tundraware.com (ozzie.tundraware.com [75.145.138.73]) by mx1.freebsd.org (Postfix) with ESMTP id BB9548FC1C for ; Sat, 24 Apr 2010 14:47:42 +0000 (UTC) Received: from [192.168.0.2] (viper.tundraware.com [192.168.0.2]) (authenticated bits=0) by ozzie.tundraware.com (8.14.4/8.14.4) with ESMTP id o3OElZ6V026781 (version=TLSv1/SSLv3 cipher=DHE-DSS-CAMELLIA256-SHA bits=256 verify=NO); Sat, 24 Apr 2010 09:47:35 -0500 (CDT) (envelope-from tundra@tundraware.com) Message-ID: <4BD30491.2050505@tundraware.com> Date: Sat, 24 Apr 2010 09:47:45 -0500 From: Tim Daneliuk User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4 MIME-Version: 1.0 To: "Bauer, Aaron J." , "freebsd-questions@freebsd.org" References: In-Reply-To: X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.3 (ozzie.tundraware.com [75.145.138.73]); Sat, 24 Apr 2010 09:47:35 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: o3OElZ6V026781 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No Cc: Subject: Re: Setup Fail2Ban on FreeBSD X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Apr 2010 14:47:43 -0000 On 4/23/2010 8:03 PM, Zhu Jing wrote: > On Sat, Apr 24, 2010 at 1:49 AM, Bauer, Aaron J. wrote: > >> I am currently using FreeNAS 0.7 for a file server. I have multiple SSH >> bruteforce attacks each week, and wish to use fail2ban to prevent this. >> >> I don't have much experience with BSD, and am having trouble getting >> everything to work. I ran pkg_add -r python25 and pkg_add -r py25-fail2ban. >> I now have all the files for Fail2Ban, and did the cp jail.conf jail.local >> as the other distro's for linux use. >> >> However, how do I start using fail2ban? I have configured it for CentOS >> and Ubuntu, and it starts in init.d. I don't know how to add it to >> /etc/rc.d to get it to work correctly.. >> >> Any help is greatly appreciated. If you need more info, please let me >> know. >> >> Aaron >> Software Research Intern >> Aaron.J.Bauer@SAIC.com I came up with another approach to this problem that involves dynamic control of TCP Wrappers. It's freely available at: http://www.tundraware.com/Software/tperimeter/ ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/