Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 28 Jun 2016 21:51:04 -0700
From:      Cary <cary@SDF.org>
To:        freebsd-questions@freebsd.org
Subject:   Re: fail2ban + ipfw howto?
Message-ID:  <577353B8.1000703@SDF.org>
In-Reply-To: <55e0f2c5-4b1e-03dd-c548-ad00df0648c4@shopzeus.com>
References:  <55e0f2c5-4b1e-03dd-c548-ad00df0648c4@shopzeus.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
Nagy László Zsolt wrote:
>   Hello,

> So can somebody suggest a good place to start with fail2ban + ipfw?
> 
> Thanks,
> 
>    Laszlo
> 

> 
Hi,

Have you tried changing the value of "banaction" to "ipfw" ?

-- 
cary@sdf.org
SDF Public Access UNIX System - http://sdf.org


------------------------------

[-- Attachment #2 --]
*** /usr/local/etc/fail2ban/jail.conf	Mon Jun 27 20:55:22 2016
--- /usr/local/etc/fail2ban/jail.local	Tue Jun 28 21:25:36 2016
***************
*** 154,164 ****
  
  # Default banning action (e.g. iptables, iptables-new,
  # iptables-multiport, shorewall, etc) It is used to define
  # action_* variables. Can be overridden globally or per
  # section within jail.local file
! banaction = iptables-multiport
  banaction_allports = iptables-allports
  
  # The simplest action to take: ban only
  action_ = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  
--- 154,165 ----
  
  # Default banning action (e.g. iptables, iptables-new,
  # iptables-multiport, shorewall, etc) It is used to define
  # action_* variables. Can be overridden globally or per
  # section within jail.local file
! #banaction = iptables-multiport
! banaction = ipfw
  banaction_allports = iptables-allports
  
  # The simplest action to take: ban only
  action_ = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
  
***************
*** 223,233 ****
  [sshd]
  
  port    = ssh
  logpath = %(sshd_log)s
  backend = %(sshd_backend)s
! 
  
  [sshd-ddos]
  # This jail corresponds to the standard configuration in Fail2ban.
  # The mail-whois action send a notification e-mail with a whois request
  # in the body.
--- 224,234 ----
  [sshd]
  
  port    = ssh
  logpath = %(sshd_log)s
  backend = %(sshd_backend)s
! enabled = yes
  
  [sshd-ddos]
  # This jail corresponds to the standard configuration in Fail2ban.
  # The mail-whois action send a notification e-mail with a whois request
  # in the body.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?577353B8.1000703>